8000 * LightSmsTransport.php - escape phone number · symfony/symfony@5d2e692 · GitHub
[go: up one dir, main page]
Skip to content

Commit 5d2e692

Browse files
author
Vasilij Dusko | CREATION
committed
* LightSmsTransport.php - escape phone number
1 parent 8620e82 commit 5d2e692

File tree

1 file changed

+14
-4
lines changed

1 file changed

+14
-4
lines changed

src/Symfony/Component/Notifier/Bridge/LightSms/LightSmsTransport.php

Lines changed: 14 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -109,8 +109,8 @@ protected function doSend(MessageInterface $message): SentMessage
109109
$this->getEndpoint(),
110110
$this->login,
111111
$signature,
112-
str_replace('+', '', $message->getPhone()),
113-
$message->getSubject(),
112+
$this->escapePhoneNumber($message->getPhone()),
113+
$this->escapeSubject($message->getSubject()),
114114
$this->phone,
115115
time()
116116
);
@@ -141,14 +141,24 @@ private function generateSignature(array $params): string
141141
$params = [
142142
'timestamp' => $params['timestamp'],
143143
'login' => $this->login,
144-
'phone' => str_replace('+', '', $params['message']->getPhone()),
144+
'phone' => $this->escapePhoneNumber($params['message']->getPhone()),
145145
'sender' => $this->phone,
146-
'text' => $params['message']->getSubject(),
146+
'text' => $this->escapeSubject($params['message']->getSubject()),
147147
];
148148

149149
ksort($params);
150150
reset($params);
151151

152152
return md5(implode('', $params).$this->password);
153153
}
154+
155+
private function escapeSubject($subject): string
156+
{
157+
return strip_tags($subject);
158+
}
159+
160+
private function escapePhoneNumber($phoneNumber): string
161+
{
162+
return str_replace('+', '', $phoneNumber);
163+
}
154164
}

0 commit comments

Comments
 (0)
0