router: only allow functions without required parameters as handler methods

This commit is contained in:
Andrew Dolgov 2020-09-22 09:34:39 +03:00
parent ab6aa0ad3e
commit 490df818aa
2 changed files with 16 additions and 2 deletions

View File

@ -107,7 +107,14 @@
if (validate_csrf($csrf_token) || $handler->csrf_ignore($method)) { if (validate_csrf($csrf_token) || $handler->csrf_ignore($method)) {
if ($handler->before($method)) { if ($handler->before($method)) {
if ($method && method_exists($handler, $method)) { if ($method && method_exists($handler, $method)) {
$reflection = new ReflectionMethod($handler, $method);
if ($reflection->getNumberOfRequiredParameters() == 0) {
$handler->$method(); $handler->$method();
} else {
header("Content-Type: text/json");
print error_json(6);
}
} else { } else {
if (method_exists($handler, "catchall")) { if (method_exists($handler, "catchall")) {
$handler->catchall($method); $handler->catchall($method);

View File

@ -32,7 +32,14 @@
if (implements_interface($handler, "IHandler") && $handler->before($method)) { if (implements_interface($handler, "IHandler") && $handler->before($method)) {
if ($method && method_exists($handler, $method)) { if ($method && method_exists($handler, $method)) {
$reflection = new ReflectionMethod($handler, $method);
if ($reflection->getNumberOfRequiredParameters() == 0) {
$handler->$method(); $handler->$method();
} else {
header("Content-Type: text/json");
print error_json(6);
}
} else if (method_exists($handler, 'index')) { } else if (method_exists($handler, 'index')) {
$handler->index(); $handler->index();
} }