Move field obfuscation into own class

[MAILPOET-1014]
This commit is contained in:
Pavel Dohnal
2017-08-16 14:58:31 +02:00
parent 18f208cf47
commit 364dd1b2a3
4 changed files with 76 additions and 10 deletions

View File

@@ -1,6 +1,8 @@
<?php
namespace MailPoet\Form\Block;
use MailPoet\Form\Util\FieldNameObfuscator;
abstract class Base {
protected static function getInputValidation($block, $extra_rules = array()) {
$rules = array();
@@ -104,7 +106,8 @@ abstract class Base {
if((int)$block['id'] > 0) {
return 'cf_'.$block['id'];
} else {
return 'form_field_'.base64_encode($block['id']);//obfuscate field name for spambots
$obfuscator = new FieldNameObfuscator();
return $obfuscator->obfuscate($block['id']);//obfuscate field name for spambots
}
}

View File

@@ -0,0 +1,38 @@
<?php
namespace MailPoet\Form\Util;
class FieldNameObfuscator {
const OBFUSCATED_FIELD_PREFIX = 'form_field_';
public function obfuscate($name) {
return FieldNameObfuscator::OBFUSCATED_FIELD_PREFIX.base64_encode($name);
}
public function deobfuscate($name) {
$prefixLength = strlen(FieldNameObfuscator::OBFUSCATED_FIELD_PREFIX);
return base64_decode(substr($name, $prefixLength));
}
public function deobfuscateFormPayload($data) {
$result = array();
foreach($data as $key => $value) {
$result[$this->deobfuscateField($key)] = $value;
}
return $result;
}
private function deobfuscateField($name) {
if($this->wasFieldObfuscated($name)) {
return $this->deobfuscate($name);
} else {
return $name;
}
}
private function wasFieldObfuscated($name) {
return strpos($name, FieldNameObfuscator::OBFUSCATED_FIELD_PREFIX) === 0;
}
}