Add auto calc token for Router\link()

Visman 2020-09-23 21:04:21 +07:00
parent c7259750f3
commit 6656c082e0
17 changed files with 67 additions and 97 deletions


@ -46,6 +46,21 @@ class Primary
'AdminUpdate' => \ForkBB\Models\Pages\Admin\Update::class,
],
];
// fix for Router
if ($this->c->config->i_fork_revision < 17) {
$confChange += [
'shared' => [
'Router' => [
'class' => \ForkBB\Core\Router::class,
'base_url' => '%BASE_URL%',
'csrf' => '@Csrf'
],
],
];
}
$this->c->config($confChange);
return null;
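Review bot: The `$confChange += [...]` fallback only takes effect if `$confChange` has no `shared` key yet, because the array union operator keeps the left-hand value for an existing key and does not merge nested arrays. The start of `$confChange` is outside this hunk, so this may be fine today, but a second `shared` fix added later would be dropped silently; assigning the nested key directly, `$confChange['shared']['Router'] = [...];`, avoids that. The comment `// fix for Router` would be more useful if it said why the block exists: Router's constructor now requires a Csrf instance, and a config file that has not been migrated yet lacks the `csrf` entry.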


@ -2,6 +2,7 @@
namespace ForkBB\Core;
use ForkBB\Core\Csrf;
use InvalidArgumentException;
class Router
@ -73,9 +74,15 @@ class Router
'(_backslash_)',
];
public function __construct(string $base)
/**
* @var Csrf
*/
protected $csrf;
public function __construct(string $base, Csrf $csrf)
{
$this->baseUrl = $base;
$this->csrf = $csrf;
$this->host = \parse_url($base, PHP_URL_HOST);
$this->prefix = \parse_url($base, PHP_URL_PATH);
$this->length = \strlen($this->prefix);
@ -121,6 +128,14 @@ class Router
return $result . $data . $anchor;
}
// автоматическое вычисление токена
if (
\array_key_exists('token', $args)
&& ! isset($args['token'])
) {
$args['token'] = $this->csrf->create($marker, $args);
}
list($link, $names, $request) = $data;
$data = [];
// перечисление имен переменных для построения ссылки
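Review bot: The auto-calculation in `link()` hands `$args` to `$this->csrf->create($marker, $args)` while the array still holds `'token' => null`, whereas most call sites removed in this commit computed the token over the route arguments alone. Whether `Csrf::create()` drops that key is not visible here; if it does not, the generated token will not match what the verifying side computes and the protected links are rejected. Making it explicit removes the dependency: `$args['token'] = $this->csrf->create($marker, \array_diff_key($args, ['token' => true]));`. This affects every call site in the commit that now passes `'token' => null`, and the marker is now always the route name given to `link()`, so it must equal the marker the handler verifies with. The docblock of `link()` should state that a present-but-null `token` triggers generation; the method begins and ends outside the hunk.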


@ -182,12 +182,7 @@ class Model extends DataModel
return $this->c->Router->link(
'MarkRead', [
'id' => $this->id,
'token' => $this->c->Csrf->create(
'MarkRead',
[
'id' => $this->id,
]
),
'token' => null,
]
);
}
@ -205,13 +200,7 @@ class Model extends DataModel
[
'fid' => $this->id,
'type' => 'subscribe',
'token' => $this->c->Csrf->create(
'ForumSubscription',
[
'fid' => $this->id,
'type' => 'subscribe',
]
),
'token' => null,
]
);
}
@ -230,13 +219,7 @@ class Model extends DataModel
[
'fid' => $this->id,
'type' => 'unsubscribe',
'token' => $this->c->Csrf->create(
'ForumSubscription',
[
'fid' => $this->id,
'type' => 'unsubscribe',
]
),
'token' => null,
]
);
}


@ -215,7 +215,7 @@ abstract class Page extends Model
$r->link(
'Logout',
[
'token' => $this->c->Csrf->create('Logout'),
'token' => null,
]
),
'Logout',


@ -517,10 +517,7 @@ class Bans extends Admin
'AdminBansDelete',
[
'id' => $ban['id'],
'token' => $this->c->Csrf->create(
'AdminBansDelete',
$arr
),
'token' => null,
]
),
];
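Review bot: The removed call computed the token from `$arr`, which is defined outside this hunk, while the new code lets `Router::link()` derive it from the arguments shown here (`id` plus the null `token`). If `$arr` held anything other than `['id' => $ban['id']]`, the token is now bound to a different argument set, and the handler that verifies `AdminBansDelete` has to check against the same one. Please confirm the two are equivalent, and drop `$arr` if nothing else uses it.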


@ -225,15 +225,11 @@ class Maintenance extends Admin
if ($last) {
$args = [
'token' => '',
'token' => null,
'limit' => $v->limit,
'start' => $last + 1,
'clear' => $v->clear ? '1' : '0',
];
$args['token'] = $this->c->Csrf->create(
'AdminRebuildIndex',
$args
);
return $this->c->Redirect->page('AdminRebuildIndex', $args)->message(__('Processed posts', $v->start, $last));
} else {
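Review bot: With the explicit `Csrf->create()` call removed, the token for the next rebuild step exists only if `$this->c->Redirect->page('AdminRebuildIndex', $args)` builds its URL through `Router::link()`. That is not visible in this hunk; if `page()` takes another path, the redirect goes out with an empty token and the next step fails verification. A one-line comment next to `'token' => null` saying that the Router fills it in would make the dependency visible to the next reader.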


@ -171,12 +171,7 @@ class BBCode extends Parser
'AdminBBCodeDelete',
[
'id' => $id,
'token' => $this->c->Csrf->create(
'AdminBBCodeDelete',
[
'id' => $id,
]
),
'token' => null,
]
),
'disabled' => 1 !== $tagData['bb_delete'],


@ -198,12 +198,7 @@ class Smilies extends Parser
'AdminSmiliesDelete',
[
'name' => $id,
'token' => $this->c->Csrf->create(
'AdminSmiliesDelete',
[
'name' => $id,
]
),
'token' => null,
]
),
];
@ -290,12 +285,7 @@ class Smilies extends Parser
'AdminSmiliesDelete',
[
'name' => $name,
'token' => $this->c->Csrf->create(
'AdminSmiliesDelete',
[
'name' => $name,
]
),
'token' => null,
]
),
];


@ -808,4 +808,21 @@ class Update extends Admin
return null;
}
/**
* rev.16 to rev.17
*/
protected function stageNumber16(array $args): ?int
{
$coreConfig = new CoreConfig($this->c->DIR_CONFIG . '/' . self::CONFIG_FILE);
$coreConfig->add(
'shared=>Router=>csrf',
'\'@Csrf\''
);
$coreConfig->save();
return null;
}
}
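Review bot: `stageNumber16()` ignores the results of `$coreConfig->add()` and `$coreConfig->save()`, so a config file that cannot be written looks like a successful upgrade step. Whether these methods throw on failure is not visible here; if they return a status instead, check it and stop the update. This matters because Router's constructor now requires a Csrf instance and the runtime fallback in `Primary` only applies while `i_fork_revision < 17`. The docblock could also say what the stage does, e.g. `Adds the csrf dependency to the shared Router definition (rev.16 to rev.17)`.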


@ -54,12 +54,7 @@ class Index extends Page
'MarkRead',
[
'id' => 0,
'token' => $this->c->Csrf->create(
'MarkRead',
[
'id' => 0,
]
),
'token' => null,
]
);
}


@ -87,13 +87,7 @@ abstract class Profile extends Page
[
'id' => $id,
'uid' => $this->curUser->id,
'token' => $this->c->Csrf->create(
'AdminBansDelete',
[
'id' => $id,
'uid' => $this->curUser->id,
]
),
'token' => null,
]
),
__('Unban user'),
@ -171,13 +165,7 @@ abstract class Profile extends Page
[
'action' => 'change_group',
'ids' => $this->curUser->id,
'token' => $this->c->Csrf->create(
'AdminUsersAction',
[
'action' => 'change_group',
'ids' => $this->curUser->id,
]
),
'token' => null,
]
);
}
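Review bot: The marker for these tokens is now the route name passed to `link()`, which sits above both hunks and is not visible, where the removed code named `AdminBansDelete` and `AdminUsersAction` explicitly. If either link is built for a route with a different name, the token is now bound to a different marker than before and the handler's verification must use the same one. Please confirm that the route names match the old markers in both places.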


@ -118,12 +118,7 @@ class Model extends DataModel
'AdminReportsZap',
[
'id' => $this->id,
'token' => $this->c->Csrf->create(
'AdminReportsZap',
[
'id' => $this->id,
]
),
'token' => null,
]
);
} else {


@ -170,13 +170,7 @@ class Model extends DataModel
[
'tid' => $this->id,
'type' => 'subscribe',
'token' => $this->c->Csrf->create(
'TopicSubscription',
[
'tid' => $this->id,
'type' => 'subscribe',
]
),
'token' => null,
]
);
}
@ -191,13 +185,7 @@ class Model extends DataModel
[
'tid' => $this->id,
'type' => 'unsubscribe',
'token' => $this->c->Csrf->create(
'TopicSubscription',
[
'tid' => $this->id,
'type' => 'unsubscribe',
]
),
'token' => null,
]
);
}


@ -335,13 +335,7 @@ class Model extends DataModel
[
'uid' => $post->user->id,
'pid' => $post->id,
'token' => $this->c->Csrf->create(
'AdminUserPromote',
[
'uid' => $post->user->id,
'pid' => $post->id,
]
),
'token' => null,
]
);
} else {


@ -42,7 +42,7 @@ if (
}
$c->PUBLIC_URL = $c->BASE_URL . $forkPublicPrefix;
$c->FORK_REVISION = 16;
$c->FORK_REVISION = 17;
$c->START = $forkStart;
$c->DIR_APP = __DIR__;
$c->DIR_PUBLIC = $forkPublic;


@ -72,6 +72,7 @@ return [
'Router' => [
'class' => \ForkBB\Core\Router::class,
'base_url' => '%BASE_URL%',
'csrf' => '@Csrf'
],
'Lang' => \ForkBB\Core\Lang::class,
'Mail' => [


@ -75,6 +75,7 @@ return [
'Router' => [
'class' => \ForkBB\Core\Router::class,
'base_url' => '%BASE_URL%',
'csrf' => '@Csrf'
],
'Lang' => \ForkBB\Core\Lang::class,
'Mail' => [