Skip to content

Commit

Permalink
Some more lint fixes.
Browse files Browse the repository at this point in the history
  • Loading branch information
@mebjas
mebjas committed May 23, 2020
1 parent 61b2af3 commit 5e776cf
Showing 1 changed file with 28 additions and 19 deletions.
47 changes: 28 additions & 19 deletions libs/csrf/csrfprotector.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@
if (!defined('__CSRF_PROTECTOR__')) {
define('__CSRF_PROTECTOR__', true); // to avoid multiple declaration errors

// name of HTTP POST variable for authentication
// Name of HTTP POST variable for authentication
define("CSRFP_TOKEN","CSRFP-Token");

// We insert token name and list of url patterns for which
Expand All @@ -19,12 +19,13 @@
define("CSRFP_FIELD_TOKEN_NAME", "csrfp_hidden_data_token");
define("CSRFP_FIELD_URLS", "csrfp_hidden_data_urls");

/**
* child exception classes
*/
/** Indicates configuration file was not found. */
class configFileNotFoundException extends \exception {};
class jsFileNotFoundException extends \exception {};

/** Indicates that configuration file is incomplete. */
class incompleteConfigurationException extends \exception {};

/** Indicates that CSRF Protector is already initialized. */
class alreadyInitializedException extends \exception {};

class csrfProtector
Expand Down Expand Up @@ -75,29 +76,38 @@ class csrfProtector
* Variable: $config
* config file for CSRFProtector
* @var int Array, length = 6
* Property: #1: failedAuthAction (int) => action to be taken in case autherisation fails
* Property: #3: customErrorMessage (string) => custom error message to be sent in case
* of failed authentication
* Property: #4: jsFile (string) => location of the CSRFProtector js file
* Property: #5: tokenLength (int) => default length of hash
* Property: #6: disabledJavascriptMessage (string) => error message if client's js is disabled
* Property: #1: failedAuthAction (int) => action to be taken in case
* autherisation fails.
* Property: #3: customErrorMessage (string) => custom error message to
* be sent in case of failed authentication.
* Property: #4: jsFile (string) => location of the CSRFProtector js
* file.
* Property: #5: tokenLength (int) => default length of hash.
* Property: #6: disabledJavascriptMessage (string) => error message if
* client's js is disabled.
*
* TODO(mebjas): this field should be private
*/
public static $config = array();

/*
* Variable: $requiredConfigurations
* Contains list of those parameters that are required to be there
* in config file for csrfp to work
*
* TODO(mebjas): this field should be private
*/
public static $requiredConfigurations = array('failedAuthAction', 'jsUrl', 'tokenLength');
public static $requiredConfigurations = array(
'failedAuthAction', 'jsUrl', 'tokenLength');

/*
* Function: function to initialise the csrfProtector work flow
*
* Parameters:
* $length - length of CSRF_AUTH_TOKEN to be generated
* $action - int array, for different actions to be taken in case of failed validation
* $logger - custom logger class object
* $length - (int) length of CSRF_AUTH_TOKEN to be generated.
* $action - (int array), for different actions to be taken in case of
* failed validation.
* $logger - (LoggerInterface) custom logger class object.
*
* Returns:
* void
Expand Down Expand Up @@ -210,11 +220,10 @@ public static function init($length = null, $action = null, $logger = null)
*
* Returns:
* void
*
* Throws:
* logDirectoryNotFoundException - if log directory is not found
*
* TODO(mebjas): this method should be private.
*/
private static function authorizePost()
public static function authorizePost()
{
// TODO(mebjas): this method is valid for same origin request only,
// enable it for cross origin also sometime for cross origin the
Expand Down

0 comments on commit 5e776cf

Please sign in to comment.