From c16e5e775be790ef50b68eacb8c40e3b9c70fb3c Mon Sep 17 00:00:00 2001 From: =?utf8?q?Rapha=C3=ABl=20Gertz?= Date: Thu, 29 Feb 2024 14:04:02 +0100 Subject: [PATCH 1/1] Php 8.x constructor style Add note about securing bin arguments --- Filter/CPackFilter.php | 27 ++------------------------- Filter/JPackFilter.php | 29 ++++------------------------- 2 files changed, 6 insertions(+), 50 deletions(-) diff --git a/Filter/CPackFilter.php b/Filter/CPackFilter.php index 853e94a..f56bb95 100644 --- a/Filter/CPackFilter.php +++ b/Filter/CPackFilter.php @@ -18,40 +18,17 @@ use Twig\Source; * {@inheritdoc} */ class CPackFilter implements FilterInterface { - //Default bin - private $bin; - - //Default compress type - private $compress; - - //Twig template filename - private $fileName; - - //Twig template line - private $line; - /** * Setup cpack filter * * @xxx compress can be minify or pretty */ - public function __construct(Source $fileName, int $line, string $bin = 'cpack', string $compress = 'minify') { - //Set fileName - $this->fileName = $fileName; - - //Set line - $this->line = $line; - - //Set bin - $this->bin = $bin; - - //Set compress - $this->compress = $compress; - + public function __construct(protected Source $fileName, protected int $line, protected string $bin = 'cpack', protected string $compress = 'minify') { //Deal with compress if (!empty($this->compress)) { //Append minify parameter if ($this->compress == 'minify') { + //TODO: protect binary call by converting bin to array ? $this->bin .= ' --minify'; //Unknown compress type //XXX: default compression is pretty diff --git a/Filter/JPackFilter.php b/Filter/JPackFilter.php index 6715596..9d758e4 100644 --- a/Filter/JPackFilter.php +++ b/Filter/JPackFilter.php @@ -18,46 +18,25 @@ use Twig\Source; * {@inheritdoc} */ class JPackFilter implements FilterInterface { - //Default bin - private $bin; - - //Default compress type - private $compress; - - //Twig template filename - private $fileName; - - //Twig template line - private $line; - /** * Setup jpack filter * * @xxx compress can be clean, shrink, obfuscate or best */ - public function __construct(Source $fileName, int $line, string $bin = 'jpack', string $compress = 'best') { - //Set fileName - $this->fileName = $fileName; - - //Set line - $this->line = $line; - - //Set bin - $this->bin = $bin; - - //Set compress - $this->compress = $compress; - + public function __construct(protected Source $fileName, protected int $line, protected string $bin = 'jpack', protected string $compress = 'best') { //Deal with compress if (!empty($this->compress)) { //Append clean parameter if ($this->compress == 'clean') { + //TODO: protect binary call by converting bin to array ? $this->bin .= ' --clean'; //Append shrink parameter } elseif ($this->compress == 'shrink') { + //TODO: protect binary call by converting bin to array ? $this->bin .= ' --shrink'; //Append obfuscate parameter } elseif ($this->compress == 'obfuscate') { + //TODO: protect binary call by converting bin to array ? $this->bin .= ' --obfuscate'; //Unknown compress type //XXX: default compression is best -- 2.41.1