* LightSmsTransport.php - escape phone number
This commit is contained in:
parent
8620e828a7
commit
5d2e6928f3
@ -109,8 +109,8 @@ final class LightSmsTransport extends AbstractTransport
|
||||
$this->getEndpoint(),
|
||||
$this->login,
|
||||
$signature,
|
||||
str_replace('+', '', $message->getPhone()),
|
||||
$message->getSubject(),
|
||||
$this->escapePhoneNumber($message->getPhone()),
|
||||
$this->escapeSubject($message->getSubject()),
|
||||
$this->phone,
|
||||
time()
|
||||
);
|
||||
@ -141,9 +141,9 @@ final class LightSmsTransport extends AbstractTransport
|
||||
$params = [
|
||||
'timestamp' => $params['timestamp'],
|
||||
'login' => $this->login,
|
||||
'phone' => str_replace('+', '', $params['message']->getPhone()),
|
||||
'phone' => $this->escapePhoneNumber($params['message']->getPhone()),
|
||||
'sender' => $this->phone,
|
||||
'text' => $params['message']->getSubject(),
|
||||
'text' => $this->escapeSubject($params['message']->getSubject()),
|
||||
];
|
||||
|
||||
ksort($params);
|
||||
@ -151,4 +151,14 @@ final class LightSmsTransport extends AbstractTransport
|
||||
|
||||
return md5(implode('', $params).$this->password);
|
||||
}
|
||||
|
||||
private function escapeSubject($subject): string
|
||||
{
|
||||
return strip_tags($subject);
|
||||
}
|
||||
|
||||
private function escapePhoneNumber($phoneNumber): string
|
||||
{
|
||||
return str_replace('+', '', $phoneNumber);
|
||||
}
|
||||
}
|
||||
|
Reference in New Issue
Block a user