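<?php

/**
 * Security Functions
 * Farmers Loan Management System
 */

// =============================================
// SECURITY CLASS
// =============================================

class Security
{
    /**
     * Return the session's CSRF token, creating it on first use.
     *
     * The token is 32 bytes from the CSPRNG, hex-encoded (64 chars), and is
     * reused for the life of the session. An active session is assumed so
     * that $_SESSION is populated; this method does not start one.
     *
     * @return string
     */
    public function generateCsrfToken(): string
    {
        if (empty($_SESSION['csrf_token'])) {
            $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
        }

        return (string) $_SESSION['csrf_token'];
    }

    /**
     * Check a submitted token against the one stored in the session.
     *
     * hash_equals() keeps the comparison constant-time. Anything that is not
     * a non-empty string (missing field, null, an array submitted under the
     * same field name) is rejected up front instead of surfacing as a
     * TypeError from hash_equals().
     *
     * @param mixed $token value taken from the request
     * @return bool
     */
    public function validateCsrfToken($token): bool
    {
        if (!isset($_SESSION['csrf_token']) || !is_string($_SESSION['csrf_token'])) {
            return false;
        }
        if (!is_string($token) || $token === '') {
            return false;
        }

        return hash_equals($_SESSION['csrf_token'], $token);
    }

    /**
     * Normalise a request value: trim, strip tags, then HTML-encode.
     *
     * Arrays are processed recursively; anything else is cast to string.
     *
     * This escapes for HTML at *input* time, so values stored through here
     * are already entity-encoded; escaping them again on output will
     * double-encode. strip_tags() on its own is not an XSS control — the
     * htmlspecialchars() call is the one that matters. Note that without
     * ENT_SUBSTITUTE htmlspecialchars() returns '' for invalid UTF-8, which
     * is the original (fail-closed) behaviour and is kept here.
     *
     * @param mixed $input
     * @return string|array
     */
    public function sanitizeInput($input)
    {
        if (is_array($input)) {
            return array_map([$this, 'sanitizeInput'], $input);
        }

        // Cast first so null/int values do not trip trim()/strip_tags().
        $value = trim((string) $input);
        $value = strip_tags($value);

        return htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
    }

    /**
     * Reverse the entity encoding applied by sanitizeInput().
     *
     * Despite the name, the result is *unescaped* text: "&lt;" becomes "<".
     * Only use it where the value will not be interpreted as HTML, or
     * re-escape the result before rendering it; echoing it straight into a
     * page reintroduces whatever markup was encoded on input.
     *
     * @param mixed $output
     * @return string|array
     */
    public function sanitizeOutput($output)
    {
        if (is_array($output)) {
            return array_map([$this, 'sanitizeOutput'], $output);
        }

        return htmlspecialchars_decode((string) $output, ENT_QUOTES);
    }

    /**
     * Validate an e-mail address using PHP's built-in filter.
     *
     * @param mixed $email
     * @return bool
     */
    public function validateEmail($email): bool
    {
        return filter_var($email, FILTER_VALIDATE_EMAIL) !== false;
    }

    /**
     * Validate a phone number by digit count only.
     *
     * Every non-digit character (spaces, "+", dashes, parentheses) is
     * discarded before counting.
     *
     * @param mixed $phone
     * @return bool
     */
    public function validatePhone($phone): bool
    {
        // preg_replace() yields null on a PCRE error; treat that as "no digits".
        $digits = preg_replace('/[^0-9]/', '', (string) $phone) ?? '';
        $length = strlen($digits);

        // Length window (adjust for your country)
        return $length >= 10 && $length <= 15;
    }

    /**
     * Validate a URL using PHP's built-in filter.
     *
     * @param mixed $url
     * @return bool
     */
    public function validateUrl($url): bool
    {
        return filter_var($url, FILTER_VALIDATE_URL) !== false;
    }

    /**
     * Validate that a string is a real calendar date in the given format.
     *
     * @param mixed  $date
     * @param string $format DateTime format string, default ISO "Y-m-d"
     * @return bool
     */
    public function validateDate($date, $format = 'Y-m-d'): bool
    {
        if (!is_string($date)) {
            return false;
        }

        $parsed = DateTimeImmutable::createFromFormat($format, $date);

        // Round-tripping through format() rejects values such as 2024-02-30
        // that createFromFormat() silently rolls over to the next month.
        return $parsed !== false && $parsed->format($format) === $date;
    }

    /**
     * Validate a national ID number.
     *
     * Basic shape check only — 6 to 20 uppercase alphanumerics; adjust for
     * your country's ID format. Returns a bool like the other validators
     * rather than preg_match()'s int|false.
     *
     * @param mixed $id
     * @return bool
     */
    public function validateNationalId($id): bool
    {
        if (!is_string($id)) {
            return false;
        }

        // The D modifier stops "$" from matching before a trailing newline.
        return preg_match('/^[A-Z0-9]{6,20}$/D', $id) === 1;
    }

    /**
     * Check a password against the configured policy.
     *
     * Relies on PASSWORD_MIN_LENGTH, PASSWORD_REQUIRE_UPPERCASE,
     * PASSWORD_REQUIRE_LOWERCASE, PASSWORD_REQUIRE_NUMBER and
     * PASSWORD_REQUIRE_SPECIAL being defined elsewhere (configuration).
     * Length is measured with strlen(), i.e. in bytes, as before.
     *
     * @param mixed $password
     * @return array{valid: bool, errors: list<string>}
     */
    public function validatePassword($password): array
    {
        $password = (string) $password;
        $errors = [];

        if (strlen($password) < PASSWORD_MIN_LENGTH) {
            $errors[] = "Password must be at least " . PASSWORD_MIN_LENGTH . " characters long";
        }

        // Each rule: [enabled flag, pattern that must match, error message].
        // Order matters — callers may display the list as-is.
        $rules = [
            [PASSWORD_REQUIRE_UPPERCASE, '/[A-Z]/', "Password must contain at least one uppercase letter"],
            [PASSWORD_REQUIRE_LOWERCASE, '/[a-z]/', "Password must contain at least one lowercase letter"],
            [PASSWORD_REQUIRE_NUMBER, '/[0-9]/', "Password must contain at least one number"],
            [PASSWORD_REQUIRE_SPECIAL, '/[^A-Za-z0-9]/', "Password must contain at least one special character"],
        ];

        foreach ($rules as [$required, $pattern, $message]) {
            if ($required && !preg_match($pattern, $password)) {
                $errors[] = $message;
            }
        }

        return [
            'valid' => empty($errors),
            'errors' => $errors,
        ];
    }

    /**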