MAPG-69 initialize Request earlier

add Request to global Container
add base URL to Request
Bence Pőcze 2020-06-14 17:11:48 +02:00
parent 142c91f36b
commit c50c5ed422
5 changed files with 28 additions and 11 deletions


@ -15,6 +15,7 @@ class Container
static MapGuesser\Interfaces\Database\IConnection $dbConnection; static MapGuesser\Interfaces\Database\IConnection $dbConnection;
static MapGuesser\Routing\RouteCollection $routeCollection; static MapGuesser\Routing\RouteCollection $routeCollection;
static \SessionHandlerInterface $sessionHandler; static \SessionHandlerInterface $sessionHandler;
static MapGuesser\Interfaces\Request\IRequest $request;
} }
Container::$dbConnection = new MapGuesser\Database\Mysql\Connection($_ENV['DB_HOST'], $_ENV['DB_USER'], $_ENV['DB_PASSWORD'], $_ENV['DB_NAME']); Container::$dbConnection = new MapGuesser\Database\Mysql\Connection($_ENV['DB_HOST'], $_ENV['DB_USER'], $_ENV['DB_PASSWORD'], $_ENV['DB_NAME']);


@ -2,7 +2,6 @@
require '../web.php'; require '../web.php';
$host = $_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'];
$method = strtolower($_SERVER['REQUEST_METHOD']); $method = strtolower($_SERVER['REQUEST_METHOD']);
$url = substr($_SERVER['REQUEST_URI'], strlen('/')); $url = substr($_SERVER['REQUEST_URI'], strlen('/'));
if (($pos = strpos($url, '?')) !== false) { if (($pos = strpos($url, '?')) !== false) {
@ -15,10 +14,10 @@ $match = Container::$routeCollection->match($method, explode('/', $url));
if ($match !== null) { if ($match !== null) {
list($route, $params) = $match; list($route, $params) = $match;
$request = new MapGuesser\Request\Request($_GET, $params, $_POST, $_SESSION); Container::$request->setParsedRouteParams($params);
$handler = $route->getHandler(); $handler = $route->getHandler();
$controller = new $handler[0]($request); $controller = new $handler[0](Container::$request);
if ($controller instanceof MapGuesser\Interfaces\Authorization\ISecured) { if ($controller instanceof MapGuesser\Interfaces\Authorization\ISecured) {
$authorized = $controller->authorize(); $authorized = $controller->authorize();
@ -26,7 +25,7 @@ if ($match !== null) {
$authorized = true; $authorized = true;
} }
if ($method === 'post' && $request->post('anti_csrf_token') !== $request->session()->get('anti_csrf_token')) { if ($method === 'post' && Container::$request->post('anti_csrf_token') !== Container::$request->session()->get('anti_csrf_token')) {
header('Content-Type: text/html; charset=UTF-8', true, 403); header('Content-Type: text/html; charset=UTF-8', true, 403);
echo json_encode(['error' => 'no_valid_anti_csrf_token']); echo json_encode(['error' => 'no_valid_anti_csrf_token']);
return; return;
@ -41,7 +40,7 @@ if ($match !== null) {
return; return;
} elseif ($response instanceof MapGuesser\Interfaces\Response\IRedirect) { } elseif ($response instanceof MapGuesser\Interfaces\Response\IRedirect) {
header('Location: ' . $host . '/' . $response->getUrl(), true, $response->getHttpCode()); header('Location: ' . Container::$request->getBase() . '/' . $response->getUrl(), true, $response->getHttpCode());
return; return;
} }
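Review bot: The anti-CSRF check in the `$method === 'post'` condition still compares the submitted token with the session token using `!==`, which is not a constant-time comparison. Since the line is being rewritten anyway, read the value once with `$token = Container::$request->post('anti_csrf_token');` and test `if ($method === 'post' && !(is_string($token) && hash_equals((string) Container::$request->session()->get('anti_csrf_token'), $token))) {`. The `is_string` guard is needed because `hash_equals` throws a TypeError on a non-string, which a form field sent as an array would produce, assuming `post()` returns the raw `$_POST` entry. The enclosing `if ($match !== null)` block starts and ends outside the visible hunks.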


@ -4,6 +4,10 @@ use MapGuesser\Interfaces\Authentication\IUser;
interface IRequest interface IRequest
{ {
public function setParsedRouteParams(array &$routeParams);
public function getBase(): string;
public function query(string $key); public function query(string $key);
public function post(string $key); public function post(string $key);
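Review bot: `setParsedRouteParams` is declared without a return type although `getBase(): string` right below it has one, and neither new method is documented; the implementation in the `Request` class has the same gap and would need the same change. Declare it as `public function setParsedRouteParams(array &$routeParams): void;` and add a short docblock stating that the front controller calls it after route matching, and that `getBase()` returns scheme and host without a trailing slash. Because the setter is part of the interface handed to every controller, any handler can replace the route parameters after dispatch; if that is not intended, the docblock should say so. The interface body continues outside the hunk.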


@ -3,26 +3,37 @@
use MapGuesser\Interfaces\Authentication\IUser; use MapGuesser\Interfaces\Authentication\IUser;
use MapGuesser\Interfaces\Request\IRequest; use MapGuesser\Interfaces\Request\IRequest;
use MapGuesser\Interfaces\Request\ISession; use MapGuesser\Interfaces\Request\ISession;
use MapGuesser\Model\User;
class Request implements IRequest class Request implements IRequest
{ {
private string $base;
private array $get; private array $get;
private array $routeParams; private array $routeParams = [];
private array $post; private array $post;
private Session $session; private Session $session;
public function __construct(array &$get, array &$routeParams, array &$post, array &$session) public function __construct(string $base, array &$get, array &$post, array &$session)
{ {
$this->base = $base;
$this->get = &$get; $this->get = &$get;
$this->routeParams = &$routeParams;
$this->post = &$post; $this->post = &$post;
$this->session = new Session($session); $this->session = new Session($session);
} }
public function setParsedRouteParams(array &$routeParams)
{
$this->routeParams = &$routeParams;
}
public function getBase(): string
{
return $this->base;
}
public function query($key) public function query($key)
{ {
if (isset($this->get[$key])) { if (isset($this->get[$key])) {


@ -40,6 +40,8 @@ session_start([
'cookie_samesite' => 'Lax' 'cookie_samesite' => 'Lax'
]); ]);
if (!isset($_SESSION['anti_csrf_token'])) { Container::$request = new MapGuesser\Request\Request($_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'], $_GET, $_POST, $_SESSION);
$_SESSION['anti_csrf_token'] = hash('sha256', random_bytes(10) . microtime());
if (!Container::$request->session()->has('anti_csrf_token')) {
Container::$request->session()->set('anti_csrf_token', hash('sha256', random_bytes(10) . microtime()));
} }
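Review bot: The base URL passed to the new `Request` is built from `$_SERVER['HTTP_HOST']`, which is the client-supplied Host header, and the front controller now emits it through `header('Location: ' . Container::$request->getBase() . '/' . ...)`. Unless the web server already rejects unknown hosts, a request carrying a forged Host header receives redirects, and anything else later built from `getBase()`, pointing at that host. Take the base from configuration, as is already done for the database settings via `$_ENV`, or validate the host before constructing the request, e.g. `if (!in_array($_SERVER['HTTP_HOST'] ?? '', $allowedHosts, true)) { http_response_code(400); exit; }`, where `$allowedHosts` is a placeholder for the project's configured host list. `REQUEST_SCHEME` is also not set by every SAPI and reports `http` behind a TLS-terminating proxy, which a configured base would avoid as well.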