Working on forms

- Adding CSRF. - Making them PSR-12 compliant.
rarog · Mar 26, 2020 · a6c490e · a6c490e
1 parent 87e28df
commit a6c490e
Show file tree

Hide file tree

Showing 14 changed files with 385 additions and 362 deletions.
diff --git a/src/ZfcUser/Form/Base.php b/src/ZfcUser/Form/Base.php
@@ -2,97 +2,86 @@
 
 namespace ZfcUser\Form;
 
-use Laminas\Form\Element;
+use Laminas\Form\Element\Button;
+use Laminas\Form\Element\Hidden;
+use Laminas\Form\Element\Password;
+use Laminas\Form\Element\Text;
 
 class Base extends ProvidesEventsForm
 {
     public function __construct($name = null)
     {
         parent::__construct($name);
 
-        $this->add(array(
+        $this->add([
             'name' => 'username',
-            'options' => array(
+            'type' => Text::class,
+            'options' => [
                 'label' => 'Username',
-            ),
-            'attributes' => array(
+            ],
+            'attributes' => [
                 'id' => 'username',
-                'type' => 'text',
-            ),
-        ));
+            ],
+        ]);
 
-        $this->add(array(
+        $this->add([
             'name' => 'email',
-            'options' => array(
+            'type' => Text::class,
+            'options' => [
                 'label' => 'Email',
-            ),
-            'attributes' => array(
+            ],
+            'attributes' => [
                 'id' => 'email',
-                'type' => 'text',
-            ),
-        ));
+            ],
+        ]);
 
-        $this->add(array(
+        $this->add([
             'name' => 'display_name',
-            'options' => array(
+            'type' => Text::class,
+            'options' => [
                 'label' => 'Display Name',
-            ),
-            'attributes' => array(
+            ],
+            'attributes' => [
                 'id' => 'display_name',
-                'type' => 'text',
-            ),
-        ));
+            ],
+        ]);
 
-        $this->add(array(
+        $this->add([
             'name' => 'password',
-            'type' => 'password',
-            'options' => array(
+            'type' => Password::class,
+            'options' => [
                 'label' => 'Password',
-            ),
-            'attributes' => array(
+            ],
+            'attributes' => [
                 'id' => 'password',
-                'type' => 'password',
-            ),
-        ));
+            ],
+        ]);
 
-        $this->add(array(
+        $this->add([
             'name' => 'passwordVerify',
-            'type' => 'password',
-            'options' => array(
+            'type' => Password::class,
+            'options' => [
                 'label' => 'Password Verify',
-            ),
-            'attributes' => array(
+            ],
+            'attributes' => [
                 'id' => 'passwordVerify',
-                'type' => 'password',
-            ),
-        ));
+            ],
+        ]);
 
-        $submitElement = new Element\Button('submit');
+        $submitElement = new Button('submit');
         $submitElement
             ->setLabel('Submit')
-            ->setAttributes(array(
+            ->setAttributes([
                 'type'  => 'submit',
-            ));
+            ]);
 
-        $this->add($submitElement, array(
+        $this->add($submitElement, [
             'priority' => -100,
-        ));
+        ]);
 
-        $this->add(array(
+        $this->add([
             'name' => 'userId',
-            'type' => 'Laminas\Form\Element\Hidden',
-            'attributes' => array(
-                'type' => 'hidden'
-            ),
-        ));
-
-        // @TODO: Fix this... getValidator() is a protected method.
-        //$csrf = new Element\Csrf('csrf');
-        //$csrf->getValidator()->setTimeout($this->getRegistrationOptions()->getUserFormTimeout());
-        //$this->add($csrf);
-    }
-
-    public function init()
-    {
+            'type' => Hidden::class,
+        ]);
     }
 }
diff --git a/src/ZfcUser/Form/ChangeEmail.php b/src/ZfcUser/Form/ChangeEmail.php
@@ -2,6 +2,11 @@
 
 namespace ZfcUser\Form;
 
+use Laminas\Form\Element\Csrf;
+use Laminas\Form\Element\Hidden;
+use Laminas\Form\Element\Password;
+use Laminas\Form\Element\Submit;
+use Laminas\Form\Element\Text;
 use ZfcUser\Options\AuthenticationOptionsInterface;
 
 class ChangeEmail extends ProvidesEventsForm
@@ -17,58 +22,67 @@ public function __construct($name, AuthenticationOptionsInterface $options)
 
         parent::__construct($name);
 
-        $this->add(array(
+        $this->add([
             'name' => 'identity',
-            'options' => array(
+            'type' => Hidden::class,
+            'options' => [
                 'label' => '',
-            ),
-            'attributes' => array(
+            ],
+            'attributes' => [
                 'id' => 'identity',
-                'type' => 'hidden',
-            ),
-        ));
+            ],
+        ]);
 
-        $this->add(array(
+        $this->add([
             'name' => 'newIdentity',
-            'options' => array(
+            'type' => Text::class,
+            'options' => [
                 'label' => 'New Email',
-            ),
-            'attributes' => array(
+            ],
+            'attributes' => [
                 'id' => 'newIdentity',
-                'type' => 'text',
-            ),
-        ));
+            ],
+        ]);
 
-        $this->add(array(
+        $this->add([
             'name' => 'newIdentityVerify',
-            'options' => array(
+            'type' => Text::class,
+            'options' => [
                 'label' => 'Verify New Email',
-            ),
-            'attributes' => array(
+            ],
+            'attributes' => [
                 'id' => 'newIdentityVerify',
-                'type' => 'text',
-            ),
-        ));
+            ],
+        ]);
 
-        $this->add(array(
+        $this->add([
             'name' => 'credential',
-            'type' => 'password',
-            'options' => array(
+            'type' => Password::class,
+            'options' => [
                 'label' => 'Password',
-            ),
-            'attributes' => array(
+            ],
+            'attributes' => [
                 'id' => 'credential',
-                'type' => 'password',
-            ),
-        ));
+            ],
+        ]);
 
-        $this->add(array(
+        $this->add([
             'name' => 'submit',
-            'attributes' => array(
+            'type' => Submit::class,
+            'attributes' => [
                 'value' => 'Submit',
-                'type'  => 'submit'
-            ),
-        ));
+            ],
+        ]);
+
+        $this->add([
+            'name' => 'csrf',
+            'type' => Csrf::class,
+            'options' => [
+                'csrf_options' => [
+                    'timeout' => $this->getAuthenticationOptions()->getLoginFormTimeout(),
+                ],
+            ],
+        ]);
     }
 
     /**

diff --git a/src/ZfcUser/Form/ChangeEmailFilter.php b/src/ZfcUser/Form/ChangeEmailFilter.php
@@ -3,6 +3,8 @@
 namespace ZfcUser\Form;
 
 use Laminas\InputFilter\InputFilter;
+use Laminas\Validator\EmailAddress;
+use Laminas\Validator\Identical;
 use ZfcUser\Options\AuthenticationOptionsInterface;
 
 class ChangeEmailFilter extends InputFilter
@@ -13,43 +15,43 @@ public function __construct(AuthenticationOptionsInterface $options, $emailValid
     {
         $this->emailValidator = $emailValidator;
 
-        $identityParams = array(
-            'name'       => 'identity',
-            'required'   => true,
-            'validators' => array()
-        );
+        $identityParams = [
+            'name' => 'identity',
+            'required' => true,
+            'validators' => [],
+        ];
 
         $identityFields = $options->getAuthIdentityFields();
-        if ($identityFields == array('email')) {
-            $validators = array('name' => 'EmailAddress');
+        if ($identityFields == ['email']) {
+            $validators = ['name' => EmailAddress::class];
             array_push($identityParams['validators'], $validators);
         }
 
         $this->add($identityParams);
 
-        $this->add(array(
-            'name'       => 'newIdentity',
-            'required'   => true,
-            'validators' => array(
-                array(
-                    'name' => 'EmailAddress'
-                ),
-                $this->emailValidator
-            ),
-        ));
+        $this->add([
+            'name' => 'newIdentity',
+            'required' => true,
+            'validators' => [
+                [
+                    'name' => EmailAddress::class,
+                ],
+                $this->emailValidator,
+            ],
+        ]);
 
-        $this->add(array(
-            'name'       => 'newIdentityVerify',
-            'required'   => true,
-            'validators' => array(
-                array(
-                    'name' => 'identical',
-                    'options' => array(
+        $this->add([
+            'name' => 'newIdentityVerify',
+            'required' => true,
+            'validators' => [
+                [
+                    'name' => Identical::class,
+                    'options' => [
                         'token' => 'newIdentity'
-                    )
-                ),
-            ),
-        ));
+                    ]
+                ],
+            ],
+        ]);
     }
 
     public function getEmailValidator()