geckon01/simple-php-router
1
0
Fork 0
mirror of https://github.com/skipperbent/simple-php-router.git synced 2026-06-17 00:37:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #651 from skipperbent/v5-development

Browse Source 
Version 5.3.0.0
This commit is contained in:
Simon Sessingø
2023-04-07 15:41:04 +02:00
committed by GitHub
parent fadb783d3c 5ac747374b
commit b937b610de
5 changed files with 47 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files
README.md
+11
View File
@@ -1036,6 +1036,17 @@ class CustomExceptionHandler implements IExceptionHandler
return;
}
/* Other error */
if($error instanceof MyCustomException) {
$request->setRewriteRoute(
// Add new route based on current url (minus query-string) and add custom parameters.
(new RouteUrl(url(null, null, []), 'PageController@error'))->setParameters(['exception' => $error])
);
return;
}
throw $error;
src/Pecee/Http/Middleware/BaseCsrfVerifier.php
+24 -19
View File
@@ -17,13 +17,13 @@ class BaseCsrfVerifier implements IMiddleware
* For example: /admin/*
* @var array|null
*/
protected ?array $except = null;
protected array $except = [];
/**
* Urls to include. Can be used to include urls from a certain path.
* @var array|null
*/
protected ?array $include = null;
protected array $include = [];
/**
* @var ITokenProvider
@@ -38,6 +38,23 @@ class BaseCsrfVerifier implements IMiddleware
$this->tokenProvider = new CookieTokenProvider();
}
protected function isIncluded(Request $request): bool
{
if (count($this->include) > 0) {
foreach ($this->include as $includeUrl) {
$includeUrl = rtrim($includeUrl, '/');
if ($includeUrl[strlen($includeUrl) - 1] === '*') {
$includeUrl = rtrim($includeUrl, '*');
return $request->getUrl()->contains($includeUrl);
}
return ($includeUrl === rtrim($request->getUrl()->getRelativeUrl(false), '/'));
}
}
return false;
}
/**
* Check if the url matches the urls in the except property
* @param Request $request
@@ -45,11 +62,11 @@ class BaseCsrfVerifier implements IMiddleware
*/
protected function skip(Request $request): bool
{
if ($this->except === null || count($this->except) === 0) {
if (count($this->except) === 0) {
return false;
}
foreach($this->except as $url) {
foreach ($this->except as $url) {
$url = rtrim($url, '/');
if ($url[strlen($url) - 1] === '*') {
$url = rtrim($url, '*');
@@ -60,20 +77,9 @@ class BaseCsrfVerifier implements IMiddleware
if ($skip === true) {
if(is_array($this->include) === true && count($this->include) > 0) {
foreach($this->include as $includeUrl) {
$includeUrl = rtrim($includeUrl, '/');
if ($includeUrl[strlen($includeUrl) - 1] === '*') {
$includeUrl = rtrim($includeUrl, '*');
$skip = !$request->getUrl()->contains($includeUrl);
break;
}
$skip = !$this->isIncluded($request);
$skip = !($includeUrl === rtrim($request->getUrl()->getRelativeUrl(false), '/'));
}
}
if($skip === false) {
if ($skip === false) {
continue;
}
@@ -92,12 +98,11 @@ class BaseCsrfVerifier implements IMiddleware
*/
public function handle(Request $request): void
{
if ($this->skip($request) === false && $request->isPostBack() === true) {
if ($this->skip($request) === false && ($request->isPostBack() === true || $this->isIncluded($request) === true)) {
$token = $request->getInputHandler()->value(
static::POST_KEY,
$request->getHeader(static::HEADER_KEY),
Request::$requestTypesPost
);
if ($this->tokenProvider->validate((string)$token) === false) {
src/Pecee/SimpleRouter/ClassLoader/ClassLoader.php
+6 -6
View File
@@ -27,11 +27,11 @@ class ClassLoader implements IClassLoader
* @param object $class
* @param string $method
* @param array $parameters
* @return mixed
* @return string
*/
public function loadClassMethod($class, string $method, array $parameters)
public function loadClassMethod($class, string $method, array $parameters): string
{
return call_user_func_array([$class, $method], array_values($parameters));
return (string)call_user_func_array([$class, $method], array_values($parameters));
}
/**
@@ -39,11 +39,11 @@ class ClassLoader implements IClassLoader
*
* @param Callable $closure
* @param array $parameters
* @return mixed
* @return string
*/
public function loadClosure(Callable $closure, array $parameters)
public function loadClosure(callable $closure, array $parameters): string
{
return call_user_func_array($closure, array_values($parameters));
return (string)call_user_func_array($closure, array_values($parameters));
}
}
src/Pecee/SimpleRouter/Router.php
+4 -4
View File
@@ -346,7 +346,7 @@ class Router
/* Verify csrf token for request */
$this->csrfVerifier->handle($this->request);
} catch(Exception $e) {
$this->handleException($e);
return $this->handleException($e);
}
}
@@ -427,7 +427,7 @@ class Router
$routeOutput = $route->renderRoute($this->request, $this);
if ($this->renderMultipleRoutes === true) {
if ($routeOutput !== null) {
if ($routeOutput !== '') {
return $routeOutput;
}
@@ -444,12 +444,12 @@ class Router
}
} catch (Exception $e) {
$this->handleException($e);
return $this->handleException($e);
}
if ($methodNotAllowed === true) {
$message = sprintf('Route "%s" or method "%s" not allowed.', $this->request->getUrl()->getPath(), $this->request->getMethod());
$this->handleException(new NotFoundHttpException($message, 403));
return $this->handleException(new NotFoundHttpException($message, 403));
}
if (count($this->request->getLoadedRoutes()) === 0) {
tests/Pecee/SimpleRouter/Dummy/CsrfVerifier/DummyCsrfVerifier.php
+2 -2
View File
@@ -2,12 +2,12 @@
class DummyCsrfVerifier extends \Pecee\Http\Middleware\BaseCsrfVerifier {
protected ?array $except = [
protected array $except = [
'/exclude-page',
'/exclude-all/*',
];
protected ?array $include = [
protected array $include = [
'/exclude-all/include-page',
];