🔒️ Add a check to avoid going to wrong functions

Kazhnuz 2025-03-29 09:39:08 +01:00
parent 14ed2fd98f
commit d0fcf2b0b2


@ -16,6 +16,9 @@ class Router {
private $namespaces = [];
private $currentNamespaceHandler;
// List of forbidden route, to avoid calling private or other REST verbs
private $forbiddenRoutes = [ '__', '_post', '_delete', '_put', '_patch'];
public function registerNamespace($name, $authLevel, $haveCharacterId) {
$this->namespaces[$name] = new NamespaceHandler($name, $authLevel, $haveCharacterId);
@ -61,6 +64,12 @@ class Router {
$this->controller = $this->getFromUrl($requestParts, 1, "pages");
$this->func = $this->getFromUrl($requestParts, 2, "index");
}
foreach ($this->forbiddenRoutes as $forbiddenRoute) {
if (str_contains($this->func, $forbiddenRoute)) {
$renderer->error(500);
}
}
}
private function getControllerPath() {
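Review bot: The denylist loop added after the `getFromUrl` calls matches with `str_contains`, which is case-sensitive, while PHP resolves method names case-insensitively, so a differently-cased segment passes the check and still names the same method. Compare case-insensitively, e.g. `if (stripos($this->func, $forbiddenRoute) !== false) {`. An allowlist would be sturdier than a denylist here, for instance confirming via reflection that the target is a public method intended as a route. Nothing follows `$renderer->error(500);`, so unless `error()` ends the request (not visible in this hunk) dispatch continues with the rejected name; add `return;` after it, and consider 404 instead of 500 since this is a bad client route, not a server fault. `$this->controller` comes from the same URL and gets no equivalent check in the visible lines. The enclosing method starts outside the hunk.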