Move field obfuscation into own class

[MAILPOET-1014]

lib/API/JSON/v1/Subscribers.php

@@ -4,6 +4,7 @@ use MailPoet\API\JSON\Endpoint as APIEndpoint;
 use MailPoet\API\JSON\Error as APIError;
 use MailPoet\API\JSON\Access as APIAccess;
 
+use MailPoet\Form\Util\FieldNameObfuscator;
 use MailPoet\Listing;
 use MailPoet\Models\Subscriber;
 use MailPoet\Models\Form;
@@ -123,15 +124,8 @@ class Subscribers extends APIEndpoint {
   }
 
   private function deobfuscateFormPayload($data) {
-    $result = array();
-    foreach($data as $key => $value) {
-      if(strpos($key, 'form_field_') === 0) {
-        $result[base64_decode(substr($key, 11))] = $value;
-      } else {
-        $result[$key] = $value;
-      }
-    }
-    return $result;
+    $obfuscator = new FieldNameObfuscator();
+    return $obfuscator->deobfuscateFormPayload($data);
   }
 
   function save($data = array()) {

lib/Form/Block/Base.php

@@ -1,6 +1,8 @@
 <?php
 namespace MailPoet\Form\Block;
 
+use MailPoet\Form\Util\FieldNameObfuscator;
+
 abstract class Base {
   protected static function getInputValidation($block, $extra_rules = array()) {
     $rules = array();
@@ -104,7 +106,8 @@ abstract class Base {
     if((int)$block['id'] > 0) {
       return 'cf_'.$block['id'];
     } else {
-      return 'form_field_'.base64_encode($block['id']);//obfuscate field name for spambots
+      $obfuscator = new FieldNameObfuscator();
+      return $obfuscator->obfuscate($block['id']);//obfuscate field name for spambots
     }
   }
 

lib/Form/Util/FieldNameObfuscator.php

@@ -0,0 +1,38 @@
+<?php
+
+namespace MailPoet\Form\Util;
+
+class FieldNameObfuscator {
+
+  const OBFUSCATED_FIELD_PREFIX = 'form_field_';
+
+  public function obfuscate($name) {
+    return FieldNameObfuscator::OBFUSCATED_FIELD_PREFIX.base64_encode($name);
+  }
+
+  public function deobfuscate($name) {
+    $prefixLength = strlen(FieldNameObfuscator::OBFUSCATED_FIELD_PREFIX);
+    return base64_decode(substr($name, $prefixLength));
+  }
+
+  public function deobfuscateFormPayload($data) {
+    $result = array();
+    foreach($data as $key => $value) {
+      $result[$this->deobfuscateField($key)] = $value;
+    }
+    return $result;
+  }
+
+  private function deobfuscateField($name) {
+    if($this->wasFieldObfuscated($name)) {
+      return $this->deobfuscate($name);
+    } else {
+      return $name;
+    }
+  }
+
+  private function wasFieldObfuscated($name) {
+    return strpos($name, FieldNameObfuscator::OBFUSCATED_FIELD_PREFIX) === 0;
+  }
+
+}

tests/unit/Form/Util/FieldNameObfuscatorTest.php

@@ -0,0 +1,31 @@
+<?php
+
+namespace MailPoet\Form\Util;
+
+class FieldNameObfuscatorTest extends \MailPoetTest {
+
+  public function testObfuscateWorks() {
+    $obfuscator = new FieldNameObfuscator();
+    expect($obfuscator->obfuscate('email'))->notContains('email');
+  }
+
+  public function testObfuscateDeobfuscateWorks() {
+    $obfuscator = new FieldNameObfuscator();
+    $obfuscated = $obfuscator->obfuscate('email');
+    expect($obfuscator->deobfuscate($obfuscated))->equals('email');
+  }
+
+  public function testObfuscatePayloadWorks() {
+    $obfuscator = new FieldNameObfuscator();
+    $obfuscated = $obfuscator->obfuscate('email');
+    $data = array(
+      'regularField' => 'regularValue',
+      $obfuscated => 'obfuscatedFieldValue',
+    );
+    $deobfuscatedPayload = $obfuscator->deobfuscateFormPayload($data);
+    expect($deobfuscatedPayload)->equals(array(
+      'regularField' => 'regularValue',
+      'email' => 'obfuscatedFieldValue',
+    ));
+  }
+}