mirror of
https://github.com/skipperbent/simple-php-router.git
synced 2026-06-24 12:09:16 +00:00
Compare commits
17 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 Simon Sessingø
|
a565f66c4c | ||
|
Simon Sessingø
|
832ef992a3 | ||
|
Simon Sessingø
|
cc5e417db9 | ||
|
Simon Sessingø
|
2cc90e28d0 | ||
|
Simon Sessingø
|
eb63a5d6ba | ||
|
Simon Sessingø
|
a07b30a80d | ||
 Juan Antonio Tubio
|
c45cd6347a | ||
|
Simon Sessingø
|
4a353efc97 | ||
|
Simon Sessingø
|
f7ce440c56 | ||
|
Simon Sessingø
|
41705f030a | ||
|
Simon Sessingø
|
18fa0f9610 | ||
|
Simon Sessingø
|
60393a3722 | ||
|
Simon Sessingø
|
3df3ef36ef | ||
|
Simon Sessingø
|
c723ca7e61 | ||
|
Simon Sessingø
|
e3b6899375 | ||
|
Simon Sessingø
|
a179450018 | ||
|
Simon Sessingø
|
ac3e9ed2ac |
@@ -709,6 +709,20 @@ You can get the CSRF-token by calling the helper method:
|
||||
csrf_token();
|
||||
```
|
||||
|
||||
The default name/key for the input-field is `csrf_token` and is defined in the `POST_KEY` constant in the `BaseCsrfVerifier` class.
|
||||
You can change the key by overwriting the constant in your own CSRF-verifier class.
|
||||
|
||||
**Example:**
|
||||
|
||||
The example below will post to the current url with a hidden field "`csrf_token`".
|
||||
|
||||
```html
|
||||
<form method="post" action="<?= url(); ?>">
|
||||
<input type="hidden" name="csrf_token" value="<?= csrf_token(); ?>">
|
||||
<!-- other input elements here -->
|
||||
</form>
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
# Middlewares
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
<?php
|
||||
|
||||
namespace Pecee\Http\Middleware;
|
||||
|
||||
use Pecee\CsrfToken;
|
||||
|
||||
@@ -285,7 +285,8 @@ class Router
|
||||
}
|
||||
|
||||
if ($routeNotAllowed === true) {
|
||||
$this->handleException(new HttpException('Route or method not allowed', 403));
|
||||
$message = sprintf('Route "%s" or method "%s" not allowed.', $this->request->getUri()->getPath(), $this->request->getMethod());
|
||||
$this->handleException(new HttpException($message, 403));
|
||||
}
|
||||
|
||||
if ($this->request->getLoadedRoute() === null) {
|
||||
@@ -329,25 +330,31 @@ class Router
|
||||
throw new HttpException('Exception handler must implement the IExceptionHandler interface.', 500);
|
||||
}
|
||||
|
||||
if ($handler->handleError($this->request, $e) !== null) {
|
||||
try {
|
||||
|
||||
$rewriteRoute = $this->request->getRewriteRoute();
|
||||
if ($handler->handleError($this->request, $e) !== null) {
|
||||
|
||||
if ($rewriteRoute !== null) {
|
||||
$rewriteRoute->loadMiddleware($this->request);
|
||||
$rewriteRoute = $this->request->getRewriteRoute();
|
||||
|
||||
return $rewriteRoute->renderRoute($this->request);
|
||||
if ($rewriteRoute !== null) {
|
||||
$rewriteRoute->loadMiddleware($this->request);
|
||||
|
||||
return $rewriteRoute->renderRoute($this->request);
|
||||
}
|
||||
|
||||
$rewriteUrl = $this->request->getRewriteUrl();
|
||||
|
||||
/* If the request has changed */
|
||||
if ($rewriteUrl !== null && $rewriteUrl !== $url) {
|
||||
unset($this->exceptionHandlers[$i]);
|
||||
$this->exceptionHandlers = array_values($this->exceptionHandlers);
|
||||
|
||||
return $this->routeRequest(true);
|
||||
}
|
||||
}
|
||||
|
||||
$rewriteUrl = $this->request->getRewriteUrl();
|
||||
} catch (\Exception $e) {
|
||||
|
||||
/* If the request has changed */
|
||||
if ($rewriteUrl !== null && $rewriteUrl !== $url) {
|
||||
unset($this->exceptionHandlers[$i]);
|
||||
$this->exceptionHandlers = array_values($this->exceptionHandlers);
|
||||
|
||||
return $this->routeRequest(true);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -588,4 +595,4 @@ class Router
|
||||
return $this;
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user