Skip to content

Commit

Permalink
Don't ever return NULL when the return type is a string.
Browse files Browse the repository at this point in the history
  • Loading branch information
@paragonie-security
paragonie-security committed Nov 6, 2016
1 parent 3ef8c5a commit 422b37c
Showing 1 changed file with 32 additions and 5 deletions.
37 changes: 32 additions & 5 deletions src/AntiCSRF.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -53,12 +53,39 @@
*/
class AntiCSRF
{
/**
* @var string
*/
protected $formIndex = '_CSRF_INDEX';

/**
* @var string
*/
protected $formToken = '_CSRF_TOKEN';

/**
* @var string
*/
protected $sessionIndex = 'CSRF';

/**
* @var string
*/
protected $hashAlgo = 'sha256';

/**
* @var int
*/
protected $recycle_after = 65535;

/**
* @var bool
*/
protected $hmac_ip = true;

/**
* @var bool
*/
protected $expire_old = false;

// Injected; defaults to references to superglobals
Expand Down Expand Up @@ -112,8 +139,8 @@ public function insertToken(string $lockTo = '', bool $echo = true): string
function($key, $value) {
return "<!--\n-->".
"<input type=\"hidden\"" .
" name=\"".$key."\"" .
" value=\"".self::noHTML($value)."\"" .
" name=\"" . self::noHTML($key) . "\"" .
" value=\"" . self::noHTML($value) . "\"" .
" />";
},
\array_keys($token_array),
Expand All @@ -122,7 +149,7 @@ function($key, $value) {
);
if ($echo) {
echo $ret;
return null;
return '';
}
return $ret;
}
Expand Down Expand Up @@ -348,8 +375,8 @@ protected function recycleTokens()
// Sort by creation time
\uasort(
$this->session[$this->sessionIndex],
function ($a, $b) {
return $a['created'] <=> $b['created'];
function ($a, $b):int {
return (int) ($a['created'] <=> $b['created']);
}
);

Expand Down

0 comments on commit 422b37c

Please sign in to comment.