* LightSmsTransport.php - escape phone number
This commit is contained in:
parent
8620e828a7
commit
5d2e6928f3
@ -109,8 +109,8 @@ final class LightSmsTransport extends AbstractTransport
|
|||||||
$this->getEndpoint(),
|
$this->getEndpoint(),
|
||||||
$this->login,
|
$this->login,
|
||||||
$signature,
|
$signature,
|
||||||
str_replace('+', '', $message->getPhone()),
|
$this->escapePhoneNumber($message->getPhone()),
|
||||||
$message->getSubject(),
|
$this->escapeSubject($message->getSubject()),
|
||||||
$this->phone,
|
$this->phone,
|
||||||
time()
|
time()
|
||||||
);
|
);
|
||||||
@ -141,9 +141,9 @@ final class LightSmsTransport extends AbstractTransport
|
|||||||
$params = [
|
$params = [
|
||||||
'timestamp' => $params['timestamp'],
|
'timestamp' => $params['timestamp'],
|
||||||
'login' => $this->login,
|
'login' => $this->login,
|
||||||
'phone' => str_replace('+', '', $params['message']->getPhone()),
|
'phone' => $this->escapePhoneNumber($params['message']->getPhone()),
|
||||||
'sender' => $this->phone,
|
'sender' => $this->phone,
|
||||||
'text' => $params['message']->getSubject(),
|
'text' => $this->escapeSubject($params['message']->getSubject()),
|
||||||
];
|
];
|
||||||
|
|
||||||
ksort($params);
|
ksort($params);
|
||||||
@ -151,4 +151,14 @@ final class LightSmsTransport extends AbstractTransport
|
|||||||
|
|
||||||
return md5(implode('', $params).$this->password);
|
return md5(implode('', $params).$this->password);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private function escapeSubject($subject): string
|
||||||
|
{
|
||||||
|
return strip_tags($subject);
|
||||||
|
}
|
||||||
|
|
||||||
|
private function escapePhoneNumber($phoneNumber): string
|
||||||
|
{
|
||||||
|
return str_replace('+', '', $phoneNumber);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
Reference in New Issue
Block a user