| protected _secure ( boolean $lock, string | array $field, mixed $value = null ) : void | ||
| $lock | boolean | Whether this field should be part of the validation or excluded as part of the unlockedFields. |
| $field | string | array | Reference to field to be secured. Can be dot separated string to indicate nesting or array of fieldname parts. |
| $value | mixed | Field value, if value should not be tampered with. |
| return | void | |
protected function _secure($lock, $field, $value = null)
{
if (empty($field) && $field !== '0') {
return;
}
if (is_string($field)) {
$field = Hash::filter(explode('.', $field));
}
foreach ($this->_unlockedFields as $unlockField) {
$unlockParts = explode('.', $unlockField);
if (array_values(array_intersect($field, $unlockParts)) === $unlockParts) {
return;
}
}
$field = implode('.', $field);
$field = preg_replace('/(\\.\\d+)+$/', '', $field);
if ($lock) {
if (!in_array($field, $this->fields)) {
if ($value !== null) {
return $this->fields[$field] = $value;
}
if (isset($this->fields[$field]) && $value === null) {
unset($this->fields[$field]);
}
$this->fields[] = $field;
}
} else {
$this->unlockField($field);
}
}