/home/coolpkct/www/websites/cake3.cool.rocks/admin/classes/request.php
<?php
/**
 * Part of Showkase web site management package
 *
 * @package Showkase
 * @author Jack Hardie {@link http://www.jhardie.com}
 * @copyright Copyright (c) 2012, SimpleViewer Inc.
 */
// Direct-access guard: stop with a 403 body unless the SK_ACCESS constant has
// already been defined (presumably by the including script; confirm).
if (!defined('SK_ACCESS')) {
    die('<h1>403: Forbidden</h1>');
}

/**
 * Handle request data
 *
 * @package Showkase
 */
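class Request
{
    /**
     * @var array request properties, initialised from $_REQUEST
     */
    private $properties = array();

    /**
     * @var array feedback messages; each entry is array('content' => ..., 'class' => ...)
     */
    private $feedback = array();

    /**
     * @var array $_POST array with slashes stripped
     */
    private $post;

    /**
     * @var string new form token
     */
    private $newToken;

    /**
     * @var string|null form token found in the session when this object was built
     */
    private $oldToken;

    /**
     * Snapshot the request data and the token currently held in the session.
     *
     * The session token is read here, before newToken() can replace it, so
     * validate() and validatePost() compare against the token that was issued
     * with the previous response.
     */
    public function __construct()
    {
        $this->properties = $this->rStripSlashes($_REQUEST);
        $this->post = $this->rStripSlashes($_POST);
        if (isset($_SESSION['token'])) {
            $this->oldToken = $_SESSION['token'];
        }
    }

    /**
     * Report whether magic quotes may have escaped the request data.
     *
     * get_magic_quotes_gpc() always returns false from PHP 5.4, is deprecated
     * in PHP 7.4 and no longer exists in PHP 8, so it is only called on
     * versions where it can still return true.
     *
     * @return boolean
     */
    private function magicQuotesActive()
    {
        if (version_compare(PHP_VERSION, '5.4.0', '>=')) {
            return false;
        }
        return function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
    }

    /**
     * Recursively strip slashes added by magic quotes.
     * See www.php.net/stripslashes strip_slashes_deep function.
     *
     * @param mixed $value string or (nested) array of strings
     * @return mixed the value unchanged when magic quotes are not active
     */
    private function rStripSlashes($value)
    {
        if (!$this->magicQuotesActive()) {
            return $value;
        }
        return is_array($value)
            ? array_map(array($this, 'rStripSlashes'), $value)
            : stripslashes($value);
    }

    /**
     * Check if property is set
     *
     * @param string $key property name
     * @return boolean
     */
    public function propertyIsSet($key)
    {
        return isset($this->properties[$key]);
    }

    /**
     * Get property value
     *
     * @param string $key property name
     * @return mixed the stored value, or null when the property is not set
     */
    public function getProperty($key)
    {
        if (isset($this->properties[$key])) {
            return $this->properties[$key];
        }
        return null;
    }

    /**
     * Get $_POST after stripslashes
     *
     * @return array
     */
    public function getPost()
    {
        return $this->post;
    }

    /**
     * Set property value
     *
     * @param string $key property name
     * @param mixed $val new value
     * @return void
     */
    public function setProperty($key, $val)
    {
        $this->properties[$key] = $val;
    }

    /**
     * Collect feedback on problems in command resolver
     *
     * The message is stored verbatim with the class 'warning'; nothing is
     * escaped here, so code that renders it as HTML has to escape it.
     *
     * @param string $msg message
     * @return void
     */
    public function addFeedback($msg)
    {
        $this->feedback[] = array('content' => $msg, 'class' => 'warning');
    }

    /**
     * Get all feedback
     *
     * @return array list of array('content' => ..., 'class' => ...) entries
     */
    public function getFeedback()
    {
        return $this->feedback;
    }

    /**
     * Get all feedback messages as a string
     *
     * Only the 'content' of each entry is joined. Imploding the entries
     * themselves would convert each array to the literal text "Array".
     *
     * @param string $separator text placed between messages
     * @return string
     */
    public function getFeedbackString($separator = "\n")
    {
        $messages = array();
        foreach ($this->feedback as $entry) {
            $messages[] = $entry['content'];
        }
        return implode($separator, $messages);
    }

    /**
     * Generate new token
     *
     * The token protects form submissions, so it has to be unpredictable.
     * A CSPRNG is used when the runtime offers one; the result keeps the
     * 32-hex-character shape of the md5 value produced previously.
     *
     * @return string 32 hexadecimal characters
     * @throws Exception from random_bytes() when no randomness source is available
     */
    private function generateToken()
    {
        if (function_exists('random_bytes')) {
            return bin2hex(random_bytes(16));
        }
        if (function_exists('openssl_random_pseudo_bytes')) {
            $strong = false;
            $bytes = openssl_random_pseudo_bytes(16, $strong);
            if ($bytes !== false && $strong) {
                return bin2hex($bytes);
            }
        }
        // Legacy path for runtimes with no CSPRNG. The client address, uniqid()
        // and mt_rand() are all guessable, so this is not a strong token.
        $address = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
        return md5($address . uniqid(mt_rand(), true));
    }

    /**
     * Generate and return new token
     *
     * Stores the token in $_SESSION['token']. The token captured by the
     * constructor is left untouched, so the current request is still
     * validated against the previous one.
     *
     * @return string
     */
    public function newToken()
    {
        $this->newToken = $this->generateToken();
        $_SESSION['token'] = $this->newToken;
        return $this->newToken;
    }

    /**
     * Get old token
     *
     * @return string|null null when the session held no token at construction
     */
    public function getToken()
    {
        return $this->oldToken;
    }

    /**
     * Compare a submitted token with the token taken from the session.
     *
     * Both sides must be strings and the session token must be non-empty.
     * A loose == comparison would treat a missing session token (null) as
     * equal to an empty submitted token, and would compare numeric-looking
     * strings by value rather than by content.
     *
     * @param mixed $submitted token value taken from the request
     * @return boolean
     */
    private function tokensMatch($submitted)
    {
        if (!is_string($this->oldToken) || $this->oldToken === '' || !is_string($submitted)) {
            return false;
        }
        if (function_exists('hash_equals')) {
            // Constant-time comparison where the runtime provides it.
            return hash_equals($this->oldToken, $submitted);
        }
        return $this->oldToken === $submitted;
    }

    /**
     * Validate token submitted by POST or GET against session value
     *
     * The value is read from the $_REQUEST snapshot, which can also contain
     * cookie values depending on the request_order / variables_order settings.
     * A token carried in a URL can end up in logs and Referer headers, so
     * validatePost() is the better check for state-changing actions.
     *
     * @return boolean
     */
    public function validate()
    {
        return $this->propertyIsSet('token') && $this->tokensMatch($this->getProperty('token'));
    }

    /**
     * Validate token submitted by POST only against session value
     *
     * @return boolean
     */
    public function validatePost()
    {
        return isset($this->post['token']) && $this->tokensMatch($this->post['token']);
    }
}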