Icontem

File: libs/classes/class.ajax.php

Recommend this page to a friend!
  Classes of Jason Gerfen  >  jQuery.pidCrypt  >  libs/classes/class.ajax.php  >  Download  
File: libs/classes/class.ajax.php
Role: Auxiliary data
Content type: text/plain
Description: Auxiliary data
Class: jQuery.pidCrypt
Encrypt form values using RSA and AES
Author: By
Last change:
Date: 6 years ago
Size: 2,116 bytes
 

Contents

Class file image Download
<?php
/**
 * Handle XMLHttpRequests
 * Requires AJAX requests provide Content-MD5, CSRF token (HTTP_X_ALT_REFER),
 * and HTTP_X_REQUESTED_WITH as XMLHttpRequest.
 *
 * This class accompanies the jQuery.AJAX project @https://github.com/jas-jQuery.AJAX
 *
 * LICENSE: This source file is subject to version 3.01 of the GPL license
 * that is available through the world-wide-web at the following URI:
 * http://www.gnu.org/licenses/gpl.html.  If you did not receive a copy of
 * the GPL License and are unable to obtain it through the web, please
 *
 * @author     jason.gerfen@gmail.com
 * @copyright  2008-2012 Jason Gerfen
 * @license    http://www.gnu.org/licenses/gpl.html  GPL License 3
 * @version    0.3
 */

/**
 *! @class ajax
 *  @abstract Handles XMLHttpRequest proxy loading
 */
class ajax
{

 /**
  *  @var private object
  */
 private $libs;

 /**
  *! @function __construct
  *  @abstract Load and return a boolean for the current AJAX request
  */
 public function __construct()
 {
  $this->libs = new libraries;

  $post = (!empty($_POST)) ?
    $this->libs->_serialize($_POST) :
     md5($_SESSION[$this->libs->libs->_getRealIPv4()]['token']);

  if ((!$this->__vRequest(getenv('HTTP_X_REQUESTED_WITH')))||
      (!$this->__vCSRF(getenv('HTTP_X_ALT_REFERER'), $_SESSION[$this->libs->_getRealIPv4()]['token']))||
      (!$this->__vCheckSum(getenv('HTTP_CONTENT_MD5'), $post))){
   return true;
  } else {
   return false;
  }
 }

 /**
  *! @function __vRequest
  *  @abstract Verify the request was valid XMLHttpRequest
  */
 private function __vRequest($request)
 {
  return (strcmp($request, 'XMLHttpRequest')!==0) ? false : true;
 }

 /**
  *! @function __vCSRF
  *  @abstract Verify the CSRF token
  */
 private function __vCSRF($header, $token)
 {
  return (strcmp($header, $token)===0) ? true : false;
 }

 /**
  *! @function __vCheckSum
  *  @abstract Verify the post data contained a valid checksum in the header
  */
 private function __vCheckSum($header, $array)
 {
  return (strcmp(base64_decode($header),
                 md5($this->libs->_serialize($array)))!==0) ? false : true;
 }
}
?>