|
Server IP : 103.191.208.50 / Your IP : 216.73.216.53 Web Server : LiteSpeed System : Linux orion.herosite.pro 4.18.0-553.53.1.lve.el8.x86_64 #1 SMP Wed May 28 17:01:02 UTC 2025 x86_64 User : celkcksm ( 1031) PHP Version : 7.4.33 Disable Function : show_source, system, shell_exec, passthru, popen, exec MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON Directory (0755) : /home/celkcksm/hrms.ncriptech.com/app/Http/Middleware/ |
| [ Home ] | [ C0mmand ] | [ Upload File ] |
|---|
<?php
namespace App\Http\Middleware;
use Closure;
class XSS
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if ($request->route()->getName() == 'manage.settings.website-settings') {
return $next($request);
}
if ($request->method() == 'POST' || $request->method() == 'PUT') {
$input = $request->all();
array_walk_recursive($input, function (&$input) {
$str = $input;
$searchVal = array("<script>", "</script>");
$replaceVal = array(" ", " ");
$input = str_replace($searchVal, $replaceVal, $str);
});
$request->merge($input);
return $next($request);
} else {
$input = $request->all();
array_walk_recursive($input, function (&$input) {
$input = htmlentities($input);
});
$request->merge($input);
return $next($request);
}
}
}