@@ -7,4 +7,4 @@ |
||
| 7 | 7 | * Csrf token timeout exception |
| 8 | 8 | * @autho: Julfiker <[email protected]> |
| 9 | 9 | */ |
| 10 | -class CsrfTimeOutException extends Exception {protected $massage = "Token already expired! please try again.";} |
|
| 10 | +class CsrfTimeOutException extends Exception {protected $massage = "Token already expired! please try again."; } |
|
@@ -90,7 +90,7 @@ discard block |
||
| 90 | 90 | public function generateToken() { |
| 91 | 91 | $sesId = session_id(); |
| 92 | 92 | if (!$sesId) |
| 93 | - $sesId = session_id("UN_AUTHORIZED"); |
|
| 93 | + $sesId = session_id("UN_AUTHORIZED"); |
|
| 94 | 94 | |
| 95 | 95 | $this->CSRFToken = md5($sesId+self::SLAT+time()); |
| 96 | 96 | $minutes = $this->tokenValidInMinutes; |
@@ -130,7 +130,7 @@ discard block |
||
| 130 | 130 | if (!$this->session->has(self::SESSION_STORE_TOKEN_NAME) || $this->_isTokenExpired()) |
| 131 | 131 | $this->refreshToken(); |
| 132 | 132 | |
| 133 | - return $this->session->get(self::SESSION_STORE_TOKEN_NAME); |
|
| 133 | + return $this->session->get(self::SESSION_STORE_TOKEN_NAME); |
|
| 134 | 134 | } |
| 135 | 135 | |
| 136 | 136 | /** |
@@ -72,7 +72,7 @@ |
||
| 72 | 72 | public function checkToken() { |
| 73 | 73 | $pass = false; |
| 74 | 74 | $method = $this->request->getRealMethod(); |
| 75 | - if (in_array($method, ['PUT','POST','DELETE'])) { |
|
| 75 | + if (in_array($method, [ 'PUT', 'POST', 'DELETE' ])) { |
|
| 76 | 76 | $csrfToken = $this->getRequest()->get($this->getTokenFieldName()); |
| 77 | 77 | if ($csrfToken && $this->getStorageToken() == $csrfToken) { |
| 78 | 78 | $pass = true; |
@@ -89,8 +89,9 @@ discard block |
||
| 89 | 89 | */ |
| 90 | 90 | public function generateToken() { |
| 91 | 91 | $sesId = session_id(); |
| 92 | - if (!$sesId) |
|
| 93 | - $sesId = session_id("UN_AUTHORIZED"); |
|
| 92 | + if (!$sesId) { |
|
| 93 | + $sesId = session_id("UN_AUTHORIZED"); |
|
| 94 | + } |
|
| 94 | 95 | |
| 95 | 96 | $this->CSRFToken = md5($sesId+self::SLAT+time()); |
| 96 | 97 | $minutes = $this->tokenValidInMinutes; |
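Review bot: The token derivation on the unchanged line `$this->CSRFToken = md5($sesId+self::SLAT+time());` uses `+`, which is arithmetic addition in PHP, not concatenation; this commit only adds braces and leaves it as is, and the same line appears in the earlier `-90,7 +90,7` hunk. If the session id or `SLAT` is a non-numeric string, PHP 7 coerces it to 0 with a warning and PHP 8 throws a TypeError, so the hash input is presumably little more than the current timestamp, which a client can guess. A CSRF token should come from a CSPRNG instead, e.g. `$this->CSRFToken = bin2hex(random_bytes(32));`. Separately, `session_id("UN_AUTHORIZED")` returns the previous id (empty in this branch) and sets a fixed one, so `$sesId` stays empty and any session started afterwards would use the same constant id for every client; confirm that is intended. The body of generateToken continues past the hunk.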
@@ -108,8 +109,9 @@ discard block |
||
| 108 | 109 | * @return string |
| 109 | 110 | */ |
| 110 | 111 | public function getStorageToken() { |
| 111 | - if ($this->session->get(self::SESSION_STORE_TOKEN_NAME) && $this->_isNotExpiredAt()) |
|
| 112 | - return $this->session->get(self::SESSION_STORE_TOKEN_NAME); |
|
| 112 | + if ($this->session->get(self::SESSION_STORE_TOKEN_NAME) && $this->_isNotExpiredAt()) { |
|
| 113 | + return $this->session->get(self::SESSION_STORE_TOKEN_NAME); |
|
| 114 | + } |
|
| 113 | 115 | |
| 114 | 116 | return false; |
| 115 | 117 | } |
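Review bot: `getStorageToken()` ends in `return false;` while its docblock still says `@return string`, so the annotation should read `@return string|false`. The caller visible in the checkToken hunk compares the result with a loose, non-constant-time `==` (`$this->getStorageToken() == $csrfToken`). For a secret, that check is safer as `$stored = $this->getStorageToken();` followed by `if (is_string($stored) && is_string($csrfToken) && hash_equals($stored, $csrfToken)) {`. This also makes the expired-token case explicit rather than relying on how `false` compares with a string.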
@@ -127,8 +129,9 @@ discard block |
||
| 127 | 129 | * @return string |
| 128 | 130 | */ |
| 129 | 131 | public function getCSRFToken() { |
| 130 | - if (!$this->session->has(self::SESSION_STORE_TOKEN_NAME) || $this->_isTokenExpired()) |
|
| 131 | - $this->refreshToken(); |
|
| 132 | + if (!$this->session->has(self::SESSION_STORE_TOKEN_NAME) || $this->_isTokenExpired()) { |
|
| 133 | + $this->refreshToken(); |
|
| 134 | + } |
|
| 132 | 135 | |
| 133 | 136 | return $this->session->get(self::SESSION_STORE_TOKEN_NAME); |
| 134 | 137 | } |