<?php
namespace Mince;
use Index\Routing\IRouter;
use Index\Security\CSRFP;
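/**
 * HTTP handlers for adding and removing a whitelist entry on behalf of the
 * injected user info object.
 *
 * verifyRequest() is attached to the /whitelist prefix and rejects requests
 * that are not form submissions or that lack a valid CSRF token.
 * NOTE(review): this relies on IRouter::use() running the handler before the
 * POST handlers and on a `true` return value stopping dispatch — confirm
 * against the router implementation.
 */
class WhitelistRoutes {
    /**
     * @param Whitelist $whitelist Backend that performs the add/remove operations.
     * @param CSRFP     $csrfp     Verifier for the `csrfp` form token.
     * @param object    $userInfo  Current user record; `user_id` is read from it.
     */
    public function __construct(
        private Whitelist $whitelist,
        private CSRFP $csrfp,
        private object $userInfo
    ) {}

    /**
     * Attaches the CSRF/form check and the two POST endpoints to the router.
     */
    public function register(IRouter $router): void {
        $router->use('/whitelist', [$this, 'verifyRequest']);
        $router->post('/whitelist/add', [$this, 'postAdd']);
        $router->post('/whitelist/remove', [$this, 'postRemove']);
    }

    /**
     * Gatekeeper for the /whitelist prefix.
     *
     * Redirects with `error=request` when the body is not form content and
     * with `error=verify` when the `csrfp` parameter is missing or does not
     * verify. Returns true after a redirect and nothing otherwise.
     */
    public function verifyRequest($response, $request) {
        if(!$request->isFormContent()) {
            $response->redirect('/?error=request');
            return true;
        }

        $body = $request->getContent();

        // A missing token is treated the same as a wrong one: fail closed.
        if(!$body->hasParam('csrfp') || !$this->csrfp->verifyToken((string)$body->getParam('csrfp'))) {
            $response->redirect('/?error=verify');
            return true;
        }
    }

    /**
     * Adds the submitted `name` to the whitelist for the current user.
     *
     * An empty result from Whitelist::add() redirects to `/`; any other result
     * is passed back as the `error` query parameter together with the
     * submitted name (blanked when the result is `invalid`).
     */
    public function postAdd($response, $request) {
        // NOTE(review): hard-coded account id. The loose comparison is kept
        // because the type of user_id is not visible here; a configurable
        // deny list with a strict comparison would be easier to audit.
        if($this->userInfo->user_id == 45) {
            $response->redirect('/?error=itainthappenin');
            return true;
        }

        $body = $request->getContent();
        $name = (string)$body->getParam('name');
        $resp = $this->whitelist->add($this->userInfo, $name);

        if($resp === '') {
            $response->redirect('/');
            return;
        }

        if($resp === 'invalid')
            $name = '';

        // $name is request-controlled. Percent-encode both values so that
        // '&', '#', whitespace or CR/LF in the submitted name cannot add extra
        // query parameters or break the redirect target.
        $response->redirect(
            '/?error=' . rawurlencode((string)$resp) . '&name=' . rawurlencode($name)
        );
    }

    /**
     * Removes the current user's whitelist entry.
     *
     * An empty result from Whitelist::remove() redirects to `/`; any other
     * result is passed back as the `error` query parameter.
     */
    public function postRemove($response) {
        $resp = $this->whitelist->remove($this->userInfo);

        if($resp === '') {
            $response->redirect('/');
            return;
        }

        // Encoded for consistency with postAdd(); the values remove() can
        // return are not visible here.
        $response->redirect('/?error=' . rawurlencode((string)$resp));
    }
}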