MAPG-69 initialize Request earlier
add Request to global Container add base URL to Request
This commit is contained in:
parent
142c91f36b
commit
c50c5ed422
1
main.php
1
main.php
@ -15,6 +15,7 @@ class Container
|
||||
static MapGuesser\Interfaces\Database\IConnection $dbConnection;
|
||||
static MapGuesser\Routing\RouteCollection $routeCollection;
|
||||
static \SessionHandlerInterface $sessionHandler;
|
||||
static MapGuesser\Interfaces\Request\IRequest $request;
|
||||
}
|
||||
|
||||
Container::$dbConnection = new MapGuesser\Database\Mysql\Connection($_ENV['DB_HOST'], $_ENV['DB_USER'], $_ENV['DB_PASSWORD'], $_ENV['DB_NAME']);
|
||||
|
||||
@ -2,7 +2,6 @@
|
||||
|
||||
require '../web.php';
|
||||
|
||||
$host = $_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'];
|
||||
$method = strtolower($_SERVER['REQUEST_METHOD']);
|
||||
$url = substr($_SERVER['REQUEST_URI'], strlen('/'));
|
||||
if (($pos = strpos($url, '?')) !== false) {
|
||||
@ -15,10 +14,10 @@ $match = Container::$routeCollection->match($method, explode('/', $url));
|
||||
if ($match !== null) {
|
||||
list($route, $params) = $match;
|
||||
|
||||
$request = new MapGuesser\Request\Request($_GET, $params, $_POST, $_SESSION);
|
||||
Container::$request->setParsedRouteParams($params);
|
||||
|
||||
$handler = $route->getHandler();
|
||||
$controller = new $handler[0]($request);
|
||||
$controller = new $handler[0](Container::$request);
|
||||
|
||||
if ($controller instanceof MapGuesser\Interfaces\Authorization\ISecured) {
|
||||
$authorized = $controller->authorize();
|
||||
@ -26,7 +25,7 @@ if ($match !== null) {
|
||||
$authorized = true;
|
||||
}
|
||||
|
||||
if ($method === 'post' && $request->post('anti_csrf_token') !== $request->session()->get('anti_csrf_token')) {
|
||||
if ($method === 'post' && Container::$request->post('anti_csrf_token') !== Container::$request->session()->get('anti_csrf_token')) {
|
||||
header('Content-Type: text/html; charset=UTF-8', true, 403);
|
||||
echo json_encode(['error' => 'no_valid_anti_csrf_token']);
|
||||
return;
|
||||
@ -41,7 +40,7 @@ if ($match !== null) {
|
||||
|
||||
return;
|
||||
} elseif ($response instanceof MapGuesser\Interfaces\Response\IRedirect) {
|
||||
header('Location: ' . $host . '/' . $response->getUrl(), true, $response->getHttpCode());
|
||||
header('Location: ' . Container::$request->getBase() . '/' . $response->getUrl(), true, $response->getHttpCode());
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
@ -4,6 +4,10 @@ use MapGuesser\Interfaces\Authentication\IUser;
|
||||
|
||||
interface IRequest
|
||||
{
|
||||
public function setParsedRouteParams(array &$routeParams);
|
||||
|
||||
public function getBase(): string;
|
||||
|
||||
public function query(string $key);
|
||||
|
||||
public function post(string $key);
|
||||
|
||||
@ -3,26 +3,37 @@
|
||||
use MapGuesser\Interfaces\Authentication\IUser;
|
||||
use MapGuesser\Interfaces\Request\IRequest;
|
||||
use MapGuesser\Interfaces\Request\ISession;
|
||||
use MapGuesser\Model\User;
|
||||
|
||||
class Request implements IRequest
|
||||
{
|
||||
private string $base;
|
||||
|
||||
private array $get;
|
||||
|
||||
private array $routeParams;
|
||||
private array $routeParams = [];
|
||||
|
||||
private array $post;
|
||||
|
||||
private Session $session;
|
||||
|
||||
public function __construct(array &$get, array &$routeParams, array &$post, array &$session)
|
||||
public function __construct(string $base, array &$get, array &$post, array &$session)
|
||||
{
|
||||
$this->base = $base;
|
||||
$this->get = &$get;
|
||||
$this->routeParams = &$routeParams;
|
||||
$this->post = &$post;
|
||||
$this->session = new Session($session);
|
||||
}
|
||||
|
||||
public function setParsedRouteParams(array &$routeParams)
|
||||
{
|
||||
$this->routeParams = &$routeParams;
|
||||
}
|
||||
|
||||
public function getBase(): string
|
||||
{
|
||||
return $this->base;
|
||||
}
|
||||
|
||||
public function query($key)
|
||||
{
|
||||
if (isset($this->get[$key])) {
|
||||
|
||||
6
web.php
6
web.php
@ -40,6 +40,8 @@ session_start([
|
||||
'cookie_samesite' => 'Lax'
|
||||
]);
|
||||
|
||||
if (!isset($_SESSION['anti_csrf_token'])) {
|
||||
$_SESSION['anti_csrf_token'] = hash('sha256', random_bytes(10) . microtime());
|
||||
Container::$request = new MapGuesser\Request\Request($_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'], $_GET, $_POST, $_SESSION);
|
||||
|
||||
if (!Container::$request->session()->has('anti_csrf_token')) {
|
||||
Container::$request->session()->set('anti_csrf_token', hash('sha256', random_bytes(10) . microtime()));
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user