Congegni
/
libretime
mirror of https://github.com/libretime/libretime.git
7
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
libretime/legacy/application/common/SecurityHelper.php

27 lines
700 B
PHP
Raw Permalink Normal View History

XSS prevention for Radio Page
2015-06-12 19:11:28 +02:00
<?php
Format code using php-cs-fixer
2021-10-11 16:10:47 +02:00
class SecurityHelper
{
public static function htmlescape_recursive(&$arr)
{
CC-6055: Improved escaping
2015-06-12 19:48:54 +02:00
foreach ($arr as $key => $val) {
if (is_array($val)) {
self::htmlescape_recursive($arr[$key]);
Format code using php-cs-fixer
2021-10-11 16:10:47 +02:00
} elseif (is_string($val)) {
CC-6055: Improved escaping
2015-06-12 19:48:54 +02:00
$arr[$key] = htmlspecialchars($val, ENT_QUOTES);
}
}
Format code using php-cs-fixer
2021-10-11 16:10:47 +02:00
CC-6055: Improved escaping
2015-06-12 19:48:54 +02:00
return $arr;
}
Improvements to the preferences screen
2015-09-24 00:21:30 +02:00
Format code using php-cs-fixer
2021-10-11 16:10:47 +02:00
public static function verifyCSRFToken($observedToken)
{
Improvements to the preferences screen
2015-09-24 00:21:30 +02:00
$current_namespace = new Zend_Session_Namespace('csrf_namespace');
$observed_csrf_token = $observedToken;
$expected_csrf_token = $current_namespace->authtoken;
Format code using php-cs-fixer
2021-10-11 16:10:47 +02:00
return $observed_csrf_token == $expected_csrf_token;
Improvements to the preferences screen
2015-09-24 00:21:30 +02:00
}
Format code using php-cs-fixer
2021-10-11 16:10:47 +02:00
}