From 2214ac40f896034d5986acc5b54db3076d5beaa5 Mon Sep 17 00:00:00 2001
From: Anastasia <steska13@gmail.com>
Date: Thu, 5 Jul 2018 13:14:41 +0300
Subject: [PATCH] - invalid get parameters

---
 frontend/components/UrlManager.php | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

diff --git a/frontend/components/UrlManager.php b/frontend/components/UrlManager.php
index dd798d5..0bd3332 100644
--- a/frontend/components/UrlManager.php
+++ b/frontend/components/UrlManager.php
@@ -5,6 +5,7 @@
     use artbox\core\models\Alias;
     use artbox\core\services\Languages;
     use yii\helpers\Json;
+    use yii\web\NotFoundHttpException;
     use yii\web\Request;
 
     /**
@@ -42,6 +43,15 @@
          * @param \artbox\core\services\Languages $languages
          * @param array                           $config
          */
+        
+        public $params = [
+            'id' => 'id',
+            'page' => 'page',
+            'per-page' => 'per_page',
+            'book_id' => 'book_id',
+            'q' => 'q',
+            'tag' => 'tag',
+        ];
         public function __construct(Languages $languages, array $config = [])
         {
             $this->languages = $languages;
@@ -77,7 +87,7 @@
                               ]
                           )
                           ->one();
-            
+            $this->invalidParams(\Yii::$app->request->queryParams);
             if ($alias !== null) {
                 $params = Json::decode($alias->route);
                 
@@ -185,4 +195,13 @@
             //                                    ->send();
             //            }
         }
+        
+        protected function invalidParams($requestParams){
+            foreach ($requestParams as $key =>$param){
+                
+                if (!array_key_exists($key, $this->params)){
+                    throw new NotFoundHttpException();
+                }
+            }
+        }
     }
\ No newline at end of file
--
libgit2 0.21.4