aboutsummaryrefslogtreecommitdiff
path: root/app/Http/Middleware/GuestbookValidate.php
diff options
context:
space:
mode:
Diffstat (limited to 'app/Http/Middleware/GuestbookValidate.php')
-rw-r--r--app/Http/Middleware/GuestbookValidate.php37
1 files changed, 37 insertions, 0 deletions
diff --git a/app/Http/Middleware/GuestbookValidate.php b/app/Http/Middleware/GuestbookValidate.php
new file mode 100644
index 0000000..b2218bb
--- /dev/null
+++ b/app/Http/Middleware/GuestbookValidate.php
@@ -0,0 +1,37 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+use Symfony\Component\HttpFoundation\Response;
+
+class GuestbookValidate
+{
+ /**
+ * Handle an incoming request.
+ *
+ * @param \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response) $next
+ */
+ public function handle(Request $request, Closure $next): Response
+ {
+ if (
+ !$request->validate([
+ 'name' => 'required',
+ 'message' => 'required'
+ ]) ||
+ $this->containsUrl($request->get('message')) ||
+ $this->containsUrl($request->get('name'))
+ ) {
+ return response()->view('errors.guestbook-invalid', [], 400);
+ }
+ return $next($request);
+ }
+
+ public function containsUrl($str) {
+ $matches = [];
+ $pattern = '/\b(?:https?|ftp|www)(:\/\/)*[-A-Z0-9+&@#\/%?=~_|$!:,.;]*[A-Z0-9+&@#\/%=~_|$]/i';
+ preg_match_all($pattern, $str, $matches);
+ return count($matches[0]);
+ }
+}
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-04-03 07:17:42 +0000