Initial commit

2019-08-14 19:22:54 +02:00 · 2019-08-14 19:22:54 +02:00 · 40a2da38a2
commit 40a2da38a2
7 changed files with 120 additions and 0 deletions
--- a/Form.php
+++ b/Form.php
@ -0,0 +1,47 @@
+<?php
+namespace Post;
+
+class Form {
+	public $fields;
+	public $action;
+
+	public function __construct($fields) {
+		$this->fields=$fields;
+	}
+
+	public function denyCsrf() {
+		$this->fields["_csrf"]=new HiddenFormField();
+		$this->fields["_csrf"]->setValue($this->getCsrfToken());
+	}
+
+	public function getEnctype() {
+		foreach ($this->fields as $name=>$field) {
+			if ($field instanceof FileUpload) {
+				return "multipart/form-data";
+			}
+		}
+		return "application/x-www-form-urlencoded";
+	}
+
+	public function reset() {
+		foreach ($this->fields as $name=>$field) {
+			$field->reset();
+		}
+	}
+
+	public function loadFromEnv() {
+		foreach ($this->fields as $name=>$field) {
+			$field->loadFromEnv($name);
+		}
+		if (isset($this->fields['_csrf']) && $this->fields['_csrf']->getValue() !== $this->getCsrfToken()) {
+			throw new CsrfException();
+		}
+	}
+
+	public static function getCsrfToken() {
+		if (!isset($_SESSION['csrf'])) {
+			$_SESSION['csrf']=bin2hex(openssl_random_pseudo_bytes(16));
+		}
+		return $_SESSION['csrf'];
+	}
+}