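name = $name;
        $this->resetCsrf();
        $tpl = new Html($path, $extention, $folder);
        $tpl->set($name, $this)
            ->sets($sets)
            ->run('buffer');
        return $this;
    }

    /**
     * Load this form's CSRF token from the session, creating one if none is stored.
     *
     * A token already stored under this form's name is reused, so this call
     * does not rotate a live token; a new one is generated only when the
     * session holds none (first use, or after valid() has consumed it).
     */
    public function resetCsrf()
    {
        if (session_status() == PHP_SESSION_NONE) {
            session_start(); //TODO: create Krutsh\Session
        }

        if (isset($_SESSION[static::$csrfSession][$this->name])) {
            $this->csrfToken = $_SESSION[static::$csrfSession][$this->name];
        } else {
            // 32 bytes from the CSPRNG give a 256-bit token; a 6-byte value
            // (48 bits) is too short to rely on as an anti-forgery secret.
            $this->csrfToken = base64_encode(random_bytes(32));
            $_SESSION[static::$csrfSession][$this->name] = $this->csrfToken;
        }
    }

    /**
     * Keep only the string entries of $data, trimmed and with tags stripped.
     *
     * Non-string values (arrays, numbers, null) are dropped, not converted.
     * strip_tags() is input clean-up, not output escaping: the result still
     * needs context-specific escaping when rendered and bound parameters
     * when stored.
     *
     * @param array $data raw submitted values, keyed by field name
     * @return array the string entries of $data, cleaned
     */
    public static function sanitize(array $data) : array
    {
        $clean = [];
        foreach ($data as $key => $value) {
            if (is_string($value)) {
                $clean[$key] = strip_tags(trim($value));
            }
        }
        return $clean;
    }

    /**
     * Validate a submission: the CSRF token first, then every registered element.
     *
     * On a token mismatch an error is recorded and no element is checked.
     * On full success the session token is removed, so it is single-use.
     *
     * @param array $data raw submitted values (passed through sanitize())
     * @return bool true when the token and every element are valid
     */
    public function valid(array $data) : bool
    {
        $data = static::sanitize($data);
        $this->set = true;

        $expected = $_SESSION[static::$csrfSession][$this->name] ?? null;
        $submitted = $data[static::$csrfInput] ?? null;

        // hash_equals() compares byte-for-byte in constant time. A loose
        // `!=` would treat two numeric-looking strings as equal when their
        // numeric values match, and its timing depends on the input.
        if (!is_string($expected) || !is_string($submitted) || !hash_equals($expected, $submitted)) {
            $this->error('Formulaire expiré');
            return false;
        }

        $valid = true;
        foreach ($this->elements as $element) {
            $value = $data[$element->name()] ?? null;
            $return = $element->valid($value);
            if ($return !== true) {
                // Keep the current token so the form can be corrected and resubmitted.
                $this->error('Le champ '.$element->name().' est '.$return.'.', false);
                $valid = false;
            } else {
                $element->value($value);
            }
        }

        if ($valid) {
            unset($_SESSION[static::$csrfSession][$this->name]);
        }
        return $valid;
    }

    /**
     * Record an error message.
     *
     * @param string $error message appended to the error list
     * @param bool   $reset when true, resetCsrf() is called afterwards
     */
    public function error(string $error, bool $reset = true)
    {
        $this->errors[] = $error;
        if ($reset) {
            $this->resetCsrf();
        }
    }

    /**
     * @return string the form's name
     */
    public function name() : string
    {
        return $this->name;
    }

    /**
     * Build the opening markup of the form.
     *
     * Any $method other than 'post' or 'get' falls back to 'post'. The method
     * and URL are stored only while the form has not been submitted to valid().
     *
     * NOTE(review): on this page the string literals below carry no markup,
     * and $more, the method, the URL and the CSRF token are not interpolated
     * anywhere visible. Presumably the form tag and the hidden token field
     * were lost in extraction; confirm against the original file. Whatever
     * is written into attributes there should go through htmlspecialchars().
     */
    public function _start(string $more = '', string $method = 'post', string $url = null) : string
    {
        if (!in_array($method, ['post', 'get'], true)) {
            $method = 'post';
        }
        if (!$this->set) {
            $this->method = $method;
            $this->url = $url;
        }

        $html = '
';
        $html .= '';
        $html .= " ";
        return $html;
    }

    /**
     * Build the closing markup of the form.
     *
     * NOTE(review): the literal is a bare newline on this page and $more is
     * unused; the closing tag was presumably lost in extraction. Confirm.
     */
    public function _end(string $more = '') : string
    {
        return '
';
    }

    /**
     * Render the recorded errors, or an empty string when there are none.
     *
     * Each message is concatenated as-is, without HTML escaping. valid()
     * builds messages from element names and validator results, so those
     * must not carry user-controlled text unless it is escaped before it
     * reaches this method.
     */
    public function _errors(string $more = '') : string
    {
        if (empty($this->errors)) {
            return '';
        }

        $html = '
';
        foreach ($this->errors as $error) {
            $html .= '

'.$error.'

';
        }
        return $html.'
';
    }

    /**
     * Build the submit control.
     *
     * NOTE(review): returns an empty string on this page and ignores both
     * arguments; the markup was presumably lost in extraction. Confirm.
     */
    public function _submit(string $name = null, string $more = '') : string
    {
        return '';
    }

    /**
     * Return the Input named $name, creating and registering it when needed.
     *
     * With $add false a detached Input is returned and nothing is registered.
     * After valid() has run, an already registered element of that name is
     * returned instead of a new one.
     */
    public function _input(string $name, bool $add = true) : Element
    {
        if (!$add) {
            return new Input($name);
        }
        if ($this->set) {
            $existing = $this->get($name);
            if ($existing !== null) {
                return $existing;
            }
        }
        $input = new Input($name);
        $this->add($input);
        return $input;
    }

    /**
     * Return the Select named $name; same lookup and registration rules as _input().
     */
    public function _select(string $name, bool $add = true) : Element
    {
        if (!$add) {
            return new Select($name);
        }
        if ($this->set) {
            $existing = $this->get($name);
            if ($existing !== null) {
                return $existing;
            }
        }
        $select = new Select($name);
        $this->add($select);
        return $select;
    }

    /**
     * Return the TextArea named $name, reusing a registered element after valid() has run.
     */
    public function _textarea(string $name) : Element
    {
        if ($this->set) {
            $existing = $this->get($name);
            if ($existing !== null) {
                return $existing;
            }
        }
        $textarea = new TextArea($name);
        $this->add($textarea);
        return $textarea;
    }

    /**
     * Register an element; ignored once valid() has marked the form as submitted.
     */
    public function add(Element $thing)
    {
        if (!$this->set) {
            $this->elements[] = $thing;
        }
    }

    /**
     * Find a registered element by name.
     *
     * The return type is nullable: the callers in this class test the result
     * for null, and a non-nullable Element return type raises a TypeError
     * whenever no element matches.
     *
     * @return Element|null the first element whose name() equals $name, or null
     */
    public function get(string $name) : ?Element
    {
        foreach ($this->elements as $element) {
            if ($element->name() == $name) {
                return $element;
            }
        }
        return null;
    }

    /**
     * Collect the current value of every registered element, keyed by name.
     *
     * @param bool $nullToEmpty when true, unset (null) values become ''
     * @return array element name => value
     */
    public function values(bool $nullToEmpty = false) : array
    {
        $values = [];
        foreach ($this->elements as $element) {
            $value = $element->get();
            $values[$element->name()] = ($nullToEmpty && $value === null) ? '' : $value;
        }
        return $values;
    }
}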