From 40a2da38a2b02b7017d75a794714f4c2c2b04e92 Mon Sep 17 00:00:00 2001
From: Ain <41307858+nero@users.noreply.github.com>
Date: Wed, 14 Aug 2019 19:22:54 +0200
Subject: [PATCH] Initial commit
---
CsrfException.php | 6 ++++++
FileUpload.php | 17 ++++++++++++++++
Form.php | 47 +++++++++++++++++++++++++++++++++++++++++++++
FormField.php | 32 ++++++++++++++++++++++++++++++
HiddenFormField.php | 6 ++++++
SelectField.php | 6 ++++++
UploadException.php | 6 ++++++
7 files changed, 120 insertions(+)
create mode 100644 CsrfException.php
create mode 100644 FileUpload.php
create mode 100644 Form.php
create mode 100644 FormField.php
create mode 100644 HiddenFormField.php
create mode 100644 SelectField.php
create mode 100644 UploadException.php
diff --git a/CsrfException.php b/CsrfException.php
new file mode 100644
index 0000000..d19a438
--- /dev/null
+++ b/CsrfException.php
@@ -0,0 +1,6 @@
+error=$_FILES[$name]['error'];
+ $this->value=$_FILES[$name]['name'];
+ $this->file=$_FILES[$name]['tmp_name'];
+ }
+
+ public function validate() {
+ return ($this->error==0);
+ }
+}
diff --git a/Form.php b/Form.php
new file mode 100644
index 0000000..bbe39c1
--- /dev/null
+++ b/Form.php
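Review bot: `validate()` in FileUpload passes for a request that never sent the file, because `$_FILES[$name]` is indexed without an `isset()` check, so `error` becomes null and `$this->error==0` is true under loose comparison. Suggest `return $this->error===UPLOAD_ERR_OK && is_uploaded_file($this->file);` so only a real, completed upload validates. Separately, `$this->value=$_FILES[$name]['name'];` stores the client-supplied filename; a comment such as `// client-controlled name: apply basename() and an extension allow-list before using it in a path` would warn later callers of `getValue()`. The file header and the opening lines of this class are missing from the page, so the constructor signature is not visible here.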
@@ -0,0 +1,47 @@
+fields=$fields;
+ }
+
+ public function denyCsrf() {
+ $this->fields["_csrf"]=new HiddenFormField();
+ $this->fields["_csrf"]->setValue($this->getCsrfToken());
+ }
+
+ public function getEnctype() {
+ foreach ($this->fields as $name=>$field) {
+ if ($field instanceof FileUpload) {
+ return "multipart/form-data";
+ }
+ }
+ return "application/x-www-form-urlencoded";
+ }
+
+ public function reset() {
+ foreach ($this->fields as $name=>$field) {
+ $field->reset();
+ }
+ }
+
+ public function loadFromEnv() {
+ foreach ($this->fields as $name=>$field) {
+ $field->loadFromEnv($name);
+ }
+ if (isset($this->fields['_csrf']) && $this->fields['_csrf']->getValue() !== $this->getCsrfToken()) {
+ throw new CsrfException();
+ }
+ }
+
+ public static function getCsrfToken() {
+ if (!isset($_SESSION['csrf'])) {
+ $_SESSION['csrf']=bin2hex(openssl_random_pseudo_bytes(16));
+ }
+ return $_SESSION['csrf'];
+ }
+}
diff --git a/FormField.php b/FormField.php
new file mode 100644
index 0000000..735f461
--- /dev/null
+++ b/FormField.php
@@ -0,0 +1,32 @@
+$v) {
+ $this->$k = $vars[$k];
+ }
+ }
+
+ public function getValue() {
+ return $this->value;
+ }
+
+ public function setValue($val) {
+ $this->value=$val;
+ }
+
+ public function validate() {
+ return true;
+ }
+
+ public function reset() {
+ $this->value="";
+ }
+
+ public function loadFromEnv($name) {
+ $this->value=$_POST[$name];
+ }
+}
diff --git a/HiddenFormField.php b/HiddenFormField.php
new file mode 100644
index 0000000..c4aa89a
--- /dev/null
+++ b/HiddenFormField.php
@@ -0,0 +1,6 @@
+
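Review bot: The CSRF check in `Form::loadFromEnv()` compares the submitted token with `!==`, which is not a constant-time comparison, and the submitted value is not checked to be a string. Inside the existing `isset($this->fields['_csrf'])` guard, suggest `$sent=$this->fields['_csrf']->getValue();` followed by `if (!is_string($sent) || !hash_equals($this->getCsrfToken(), $sent)) { throw new CsrfException(); }`. In `getCsrfToken()`, `random_bytes(16)` is the preferred CSPRNG call on PHP 7 and later, since `openssl_random_pseudo_bytes()` could fall back to weaker output on older builds without reporting an error. The method also assumes a session is already started, which deserves a docblock line such as `// requires session_start() before first call; otherwise the token is not persisted`.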
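Review bot: `FormField::loadFromEnv()` assigns `$_POST[$name]` unchecked, so a missing key raises an undefined-index notice and a client that sends `name[]=x` puts an array into `value` where later code likely expects a string. Unless a subclass deliberately accepts arrays, suggest `$this->value=(isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : "";`. The constructor loop `$this->$k = $vars[$k];` sets properties by dynamic name; its `foreach` header is missing from the page, so it is unclear what it iterates over. If `$vars` can ever carry request-derived keys, it should be limited to a fixed list of property names.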