libretime/legacy/application/common/SecurityHelper.php


<?php
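/**
 * Static helpers for HTML output escaping and CSRF token verification.
 */
class SecurityHelper
{
    /**
     * Recursively HTML-escapes every string value of an array, in place.
     *
     * Only string values are passed through htmlspecialchars(); array keys
     * and non-string values (ints, bools, null, objects) are left untouched,
     * so keys must never be echoed into markup on the assumption that this
     * helper covered them.
     *
     * The escaping targets HTML text and quoted attribute values (ENT_QUOTES
     * covers both quote styles). It does not make a value safe inside
     * <script> blocks, URLs or unquoted attributes. htmlspecialchars() also
     * re-encodes existing entities by default, so running this helper twice
     * over the same data double-escapes it.
     *
     * @param array $arr Array to escape; modified through the reference.
     *
     * @return array The same, now escaped, array.
     */
    public static function htmlescape_recursive(&$arr)
    {
        foreach ($arr as $key => $val) {
            if (is_array($val)) {
                // Recurse on the element itself (not the $val copy) so the
                // nested array is modified in place.
                self::htmlescape_recursive($arr[$key]);

                continue;
            }

            if (is_string($val)) {
                // No encoding argument is passed, so htmlspecialchars() uses
                // its default charset.
                $arr[$key] = htmlspecialchars($val, ENT_QUOTES);
            }
        }

        return $arr;
    }

    /**
     * Checks a submitted CSRF token against the one stored in the session.
     *
     * The expected token is read from the "authtoken" property of the
     * "csrf_namespace" Zend session namespace. The check fails closed: a
     * missing, empty or non-string token on either side is rejected, and the
     * comparison itself is type-strict and constant-time.
     *
     * @param mixed $observedToken Token received with the request.
     *
     * @return bool True only when both tokens are non-empty strings and equal.
     */
    public static function verifyCSRFToken($observedToken)
    {
        $csrfSession = new Zend_Session_Namespace('csrf_namespace');
        $expectedToken = $csrfSession->authtoken;

        // A session without a token must never validate. With a loose "=="
        // an absent session token (null) matched an absent or empty request
        // token, which would accept a request carrying no token at all.
        if (!is_string($expectedToken) || $expectedToken === '') {
            return false;
        }

        if (!is_string($observedToken) || $observedToken === '') {
            return false;
        }

        // hash_equals() compares without type juggling (numeric-looking
        // strings such as "1e3" and "1000" no longer match) and in constant
        // time, so response timing does not reveal how much of a guess was
        // correct.
        return hash_equals($expectedToken, $observedToken);
    }
}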