1 <?php
2 /* --------------------------------------------------------------
3 AdminHttpViewController.inc.php 2015-12-02 gm
4 Gambio GmbH
5 http://www.gambio.de
6 Copyright (c) 2015 Gambio GmbH
7 Released under the GNU General Public License (Version 2)
8 [http://www.gnu.org/licenses/gpl-2.0.html]
9 --------------------------------------------------------------
10 */
11
// Ask the project's MainFactory to load HttpViewController, the base class extended below.
MainFactory::load_class('HttpViewController');
13
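/**
 * Class AdminHttpViewController
 *
 * This class contains some helper methods for handling view requests. Always be careful
 * when outputting raw user data to HTML or when handling POST requests, because
 * insufficient protection will lead to XSS and CSRF vulnerabilities.
 *
 * Every request passes through proceed(), which only dispatches it when the session's
 * customers_status_id is exactly 0. Any other value, including a missing one, is rejected.
 *
 * @link http://en.wikipedia.org/wiki/Cross-site_scripting
 * @link http://en.wikipedia.org/wiki/Cross-site_request_forgery
 *
 * @category System
 * @package Http
 * @implements HttpViewControllerInterface
 */
class AdminHttpViewController extends HttpViewController
{
    /**
     * Process HttpContext Object
     *
     * Rejects the request unless the session carries customers_status_id 0, then delegates
     * to the parent implementation.
     *
     * Re-implement this function in the child controller and disable the XSS and CSRF protection on demand.
     * An override should still call parent::proceed() (or repeat the status check itself),
     * otherwise the gate below no longer runs for that controller.
     *
     * @param HttpContextInterface $httpContext
     *
     * @throws LogicException If the session's customers_status_id is missing or is not 0.
     */
    public function proceed(HttpContextInterface $httpContext)
    {
        // Fail closed. A loose `!= 0` comparison treats null (key not set) and false as equal
        // to 0, and before PHP 8 also '' and any non-numeric string, so a session without a
        // status id would be let through. Read the value explicitly and compare strictly.
        $statusId = isset($_SESSION['customers_status']['customers_status_id'])
            ? $_SESSION['customers_status']['customers_status_id']
            : null;

        // Accept the integer 0 and the string '0' (the form a database-backed session value
        // would presumably take -- confirm against the code that fills the session).
        if($statusId !== 0 && $statusId !== '0')
        {
            throw new LogicException('unexpected execution context');
        }

        parent::proceed($httpContext);
    }
}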