11<?php
22namespace PhpWaf ;
33
4+ /**
5+ * Class Firewall
6+ *
7+ * @package PhpWaf
8+ */
49class Firewall
510{
611 /**
@@ -12,19 +17,23 @@ class Firewall
1217 'SQL ' => true ,
1318 'XML ' => false ,
1419 'XSS ' => true ,
20+ 'CRLF ' => true ,
1521 );
22+
1623 /**
1724 * The mode in that firewall is running
1825 *
1926 * @var int Valid modes are: 1 - block & log; 2 - block only; 3 - log only
2027 */
2128 protected $ mode1 ;
29+
2230 /**
2331 * The log file path
2432 *
2533 * @var string
2634 */
2735 protected $ log_file'waf.log ' ;
36+
2837 /**
2938 * Log format
3039 *
@@ -42,7 +51,9 @@ class Firewall
4251
4352 /**
4453 * Firewall constructor.
54+ *
4555 * @param int $mode
56+ * @throws \Exception
4657 */
4758 public function __construct (int $ mode1 )
4859 {
@@ -59,34 +70,43 @@ public static function block()
5970 }
6071
6172 /**
62- * Write the detected to a log file
73+ * Write the detected to a log file
6374 *
6475 * @param string $value
6576 * @param string $filter
6677 * @return Firewall
78+ * @throws \Exception
6779 */
68- public function log (string $ valuestring $ filterself
80+ public function log (string $ valuestring $ filterFirewall
6981 {
70- if (! empty ($ this log_file ) && ! empty ( $ this -> log_format ))
82+ if (empty ($ this log_file ))
7183 {
72- $ datastr_replace (
73- array ('%f ' , '%v ' , '%i ' , '%d ' , '%t ' , '%m ' , '%u ' ),
74- array ($ filter$ value$ _SERVER 'REMOTE_ADDR ' ], date ('Y-m-d ' ), date ('H:i:s ' ),
75- date ('Y-m-d H:i:s ' ), time ()),
76- $ this log_format );
84+ throw new \Exception ("Empty log_file. " );
85+ }
7786
78- file_put_contents ($ this log_file , "\nwarn $ data , FILE_APPEND );
87+ if (empty ($ this log_format ))
88+ {
89+ throw new \Exception ("Empty log_format. " );
7990 }
8091
92+ $ datastr_replace (
93+ array ('%f ' , '%v ' , '%i ' , '%d ' , '%t ' , '%m ' , '%u ' ),
94+ array ($ filter$ value$ _SERVER 'REMOTE_ADDR ' ], date ('Y-m-d ' ), date ('H:i:s ' ),
95+ date ('Y-m-d H:i:s ' ), time ()),
96+ $ this log_format );
97+
98+ file_put_contents ($ this log_file , "\nwarn $ data , FILE_APPEND );
99+
81100 return $ this
82101 }
83102
84103 /**
85104 * Set log file path
105+ *
86106 * @param string $value
87107 * @return Firewall
88108 */
89- public function setLogFile (string $ valueself
109+ public function setLogFile (string $ valueFirewall
90110 {
91111 $ this log_file = $ value
92112
@@ -99,7 +119,7 @@ public function setLogFile(string $value): self
99119 * @param string $value
100120 * @return Firewall
101121 */
102- public function setLogFormat (string $ valueself
122+ public function setLogFormat (string $ valueFirewall
103123 {
104124 $ this log_format = $ value
105125
@@ -111,13 +131,15 @@ public function setLogFormat(string $value): self
111131 *
112132 * @param int $value
113133 * @return Firewall
134+ * @throws \Exception
114135 */
115- public function setMode (int $ valueself
136+ public function setMode (int $ valueFirewall
116137 {
117- if (in_array ($ valuerange (1 ,3 )))
138+ if (! in_array ($ valuerange (1 ,3 )))
118139 {
119- $ this -> mode = $ value
140+ throw new \ Exception ( " Unknown mode { $ value} . " ) ;
120141 }
142+ $ this mode = $ value
121143
122144 return $ this
123145 }
@@ -127,13 +149,15 @@ public function setMode(int $value): self
127149 *
128150 * @param string $filter
129151 * @return Firewall
152+ * @throws \Exception
130153 */
131- public function enable (string $ filterself
154+ public function enable (string $ filterFirewall
132155 {
133- if (array_key_exists ($ filter$ this filters ))
156+ if (! array_key_exists ($ filter$ this filters ))
134157 {
135- $ this -> filters [ $ filter ] = true ;
158+ throw new \ Exception ( " Unknown filter { $ filter } . " ) ;
136159 }
160+ $ this filters [$ filtertrue ;
137161
138162 return $ this
139163 }
@@ -143,13 +167,15 @@ public function enable(string $filter): self
143167 *
144168 * @param string $filter
145169 * @return Firewall
170+ * @throws \Exception
146171 */
147- public function disable (string $ filterself
172+ public function disable (string $ filterFirewall
148173 {
149- if (array_key_exists ($ filter$ this filters ))
174+ if (! array_key_exists ($ filter$ this filters ))
150175 {
151- $ this -> filters [ $ filter ] = false ;
176+ throw new \ Exception ( " Unknown filter { $ filter } . " ) ;
152177 }
178+ $ this filters [$ filterfalse ;
153179
154180 return $ this
155181 }
@@ -161,7 +187,7 @@ public function disable(string $filter): self
161187 * @param string $filter
162188 * @return Firewall
163189 */
164- public function handle (string $ valuestring $ filterself
190+ public function handle (string $ valuestring $ filterFirewall
165191 {
166192 if ($ this mode == 1 )
167193 {
@@ -190,12 +216,13 @@ public function handle(string $value, string $filter): self
190216 *
191217 * @param string $filter
192218 * @return Firewall
219+ * @throws \Exception
193220 */
194- public function runFilter (string $ filterself
221+ public function runFilter (string $ filterFirewall
195222 {
196- if (!$ this filters [ $ filter ] )
223+ if (!array_key_exists ( $ filter , $ this getFilters ()) )
197224 {
198- return $ this
225+ throw new \ Exception ( " Unknown filter { $ filter } . " ) ;
199226 }
200227
201228 $ class"PhpWaf \\Filter \\$ filter ;
@@ -224,11 +251,16 @@ public function runFilter(string $filter): self
224251 * Runs all the enabled filters
225252 *
226253 * @return Firewall
254+ * @throws \Exception
227255 */
228- public function run (): self
256+ public function run (): Firewall
229257 {
230- foreach (array_keys ( $ this filters ) as $ filter
258+ foreach ($ this getFilters ( ) as $ filter => $ enabled
231259 {
260+ if (!$ enabled
261+ {
262+ continue ;
263+ }
232264 $ this runFilter ($ filter
233265 }
234266
@@ -244,4 +276,4 @@ public function getFilters(): array
244276 {
245277 return $ this filters ;
246278 }
247- }
279+ }
0 commit comments