Skip to content

Commit

Permalink
Pequeñas correcciones.
Browse files Browse the repository at this point in the history
  • Loading branch information
NeoRazorX committed Nov 24, 2022
1 parent 5a436ca commit 46a9291
Show file tree
Hide file tree
Showing 6 changed files with 25 additions and 28 deletions.
2 changes: 1 addition & 1 deletion Core/Base/PluginManager.php
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ final class PluginManager
/**
* FacturaScripts core version.
*/
const CORE_VERSION = 2022.5;
const CORE_VERSION = 2022.51;

/**
* Path to list plugins on file.
Expand Down
9 changes: 8 additions & 1 deletion Core/Controller/Wizard.php
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,6 @@
*/
class Wizard extends Controller
{

const ITEM_SELECT_LIMIT = 500;
const NEW_DEFAULT_PAGE = 'Dashboard';

Expand Down Expand Up @@ -322,6 +321,10 @@ private function saveNewPassword(string $pass): bool

private function saveStep1()
{
if (false === $this->validateFormToken()) {
return;
}

$codpais = $this->request->request->get('codpais', $this->empresa->codpais);
$this->preSetAppSettings($codpais);

Expand All @@ -347,6 +350,10 @@ private function saveStep1()

private function saveStep2()
{
if (false === $this->validateFormToken()) {
return;
}

$this->empresa->regimeniva = $this->request->request->get('regimeniva');
$this->empresa->save();

Expand Down
22 changes: 13 additions & 9 deletions Core/Html.php
Original file line number Diff line number Diff line change
Expand Up @@ -109,15 +109,19 @@ private static function attachedFileFunction(): TwigFunction

private static function formTokenFunction(): TwigFunction
{
return new TwigFunction('formToken', function (bool $input = true) {
$tokenClass = new MultiRequestProtection();
return $input ?
'<input type="hidden" name="multireqtoken" value="' . $tokenClass->newToken() . '"/>' :
$tokenClass->newToken();
}, [
'is_safe' => ['html'],
'is_safe_callback' => ['html']
]);
return new TwigFunction(
'formToken',
function (bool $input = true) {
$tokenClass = new MultiRequestProtection();
return $input ?
'<input type="hidden" name="multireqtoken" value="' . $tokenClass->newToken() . '"/>' :
$tokenClass->newToken();
},
[
'is_safe' => ['html'],
'is_safe_callback' => ['html']
]
);
}

private static function getIncludeViews(): TwigFunction
Expand Down
18 changes: 1 addition & 17 deletions Core/Lib/MultiRequestProtection.php
Original file line number Diff line number Diff line change
Expand Up @@ -34,9 +34,7 @@ class MultiRequestProtection
const MAX_TOKENS = 500;
const RANDOM_STRING_LENGTH = 6;

/**
* @var string
*/
/** @var string */
protected static $seed;

public function __construct()
Expand All @@ -47,9 +45,6 @@ public function __construct()
}
}

/**
* @param string $seed
*/
public function addSeed(string $seed)
{
self::$seed .= $seed;
Expand Down Expand Up @@ -88,11 +83,6 @@ public function tokenExist(string $token): bool
return false;
}

/**
* @param string $token
*
* @return bool
*/
public function validate(string $token): bool
{
$tokenParts = explode('|', $token);
Expand All @@ -114,18 +104,12 @@ public function validate(string $token): bool
return in_array($tokenParts[0], $valid);
}

/**
* @return string
*/
protected function getRandomStr(): string
{
$chars = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
return substr(str_shuffle($chars), 0, self::RANDOM_STRING_LENGTH);
}

/**
* @return array
*/
protected function getTokens(): array
{
$values = Cache::get(self::CACHE_KEY);
Expand Down
1 change: 1 addition & 0 deletions Core/View/Wizard-2.html.twig
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,7 @@
<hr/>
<form action="#" method="post" class="form" id="formWizard">
<input type="hidden" name="action" value="step2"/>
{{ formToken() }}
<div class="form-row">
<div class="col-sm-4">
<div class="form-group">
Expand Down
1 change: 1 addition & 0 deletions Core/View/Wizard.html.twig
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,7 @@
<hr/>
<form method="post" class="form" id="formWizard">
<input type="hidden" name="action" value="step1"/>
{{ formToken() }}
<div class="form-row">
<div class="col-sm-3">
<div class="form-group">
Expand Down

0 comments on commit 46a9291

Please sign in to comment.