

PHP check_nonce函数代码示例

本文整理汇总了PHP中check_nonce函数的典型用法代码示例。如果您正苦于以下问题:PHP check_nonce函数的具体用法?PHP check_nonce怎么用?PHP check_nonce使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。


在下文中一共展示了check_nonce函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: admin_view

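 /**
  * Callback attached in `admin_menu`: handles the settings form and renders
  * the admin view.
  *
  * A POST is acted on only when check_nonce() accepts the submitted `_nonce`
  * for the requested `_action` and this plugin's id.
  *
  * @callback
  * @return void
  */
 public function admin_view()
 {
     $data = array();
     if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST') {
         // Missing or non-string fields (e.g. `_action[]=x`) are treated as absent,
         // so only plain strings reach check_nonce() and the dispatch below.
         $action = (isset($_POST['_action']) && is_string($_POST['_action'])) ? $_POST['_action'] : null;
         $nonce = (isset($_POST['_nonce']) && is_string($_POST['_nonce'])) ? $_POST['_nonce'] : null;
         $data['action'] = $action;
         // Obligatory CSRF check: nothing below may change state unless it passes.
         // A request without a nonce fails closed without calling check_nonce().
         if ($nonce !== null && check_nonce($nonce, $action, $this->_info['id'])) {
             // Take action!
             if ($action === 'save') {
                 if ($this->_save($_POST)) {
                     $data['updated'] = 'Settings saved';
                 } else {
                     $data['error'] = 'There was a problem saving data';
                 }
             }
         } elseif ($action) {
             // Failed CSRF test; shown to the user as a timeout.
             $data['error'] = 'Request timed out';
         }
     }
     $this->_load_view('admin', $data);
 }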
开发者ID:rjz,项目名称:getsimple-plugin-template,代码行数:29,代码来源:plugin.php

示例2: instapaper_submit

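/**
 * Submit the item named by `$_GET['id']` to Instapaper and print the
 * confirmation page, then end the script.
 *
 * The request must carry a valid `_nonce`; it is verified before any other
 * work is done, so a forged request is rejected before the stored
 * credentials are read or sent.
 *
 * @throws Exception on a bad or missing nonce, an unknown item id, missing
 *                   credentials, or an Instapaper response of 400, 403 or 500.
 */
function instapaper_submit()
{
    // CSRF check first. The nonce travels in the query string here, so it can end up
    // in browser history and server logs; missing or non-string values fail closed.
    $nonce = (isset($_GET['_nonce']) && is_string($_GET['_nonce'])) ? $_GET['_nonce'] : '';
    if ($nonce === '' || !check_nonce($nonce)) {
        throw new Exception(_r('Nonces did not match. Try again.', 'instapaper'));
    }
    if (!isset($_GET['id']) || !is_string($_GET['id'])) {
        throw new Exception(_r('Invalid item ID specified', 'instapaper'));
    }
    $id = $_GET['id'];
    $item = Items::get_instance()->get_item($id);
    if (false === $item) {
        throw new Exception(_r('Invalid item ID specified', 'instapaper'));
    }
    $user = get_option('instapaper_user');
    if (empty($user)) {
        throw new Exception(sprintf(_r('Please set your username and password in the <a href="%s">settings</a>.', 'instapaper'), get_option('baseurl') . 'admin/settings.php'));
    }
    // NOTE(review): the Instapaper password is read back from the options store and sent
    // as a form field; how it is stored at rest is not visible here - confirm.
    $data = array('username' => get_option('instapaper_user', ''), 'password' => get_option('instapaper_pass', ''), 'url' => $item->permalink, 'title' => apply_filters('the_title', $item->title));
    $request = new HTTPRequest('', 2);
    $response = $request->post("https://www.instapaper.com/api/add", array(), $data);
    // NOTE(review): only 400, 403 and 500 are treated as failures; any other status
    // falls through to the "Success!" page below.
    switch ($response->status_code) {
        case 400:
            throw new Exception(_r('Internal error. Please report this.', 'instapaper'));
        case 403:
            throw new Exception(sprintf(_r('Invalid username/password. Please check your details in the <a href="%s">settings</a>.', 'instapaper'), get_option('baseurl') . 'admin/settings.php'));
        case 500:
            throw new Exception(_r('An error occurred when contacting Instapaper. Please try again later.', 'instapaper'));
    }
    instapaper_page_head();
    ?>
	<div id="message">
		<h1><?php 
    _e('Success!');
    ?>
</h1>
		<p class="sidenote"><?php 
    _e('Closing window in...', 'instapaper');
    ?>
</p>
		<p class="sidenote" id="counter">3</p>
	</div>
	<script>
		$(document).ready(function () {
			setInterval(countdown, 1000);
		});

		function countdown() {
			if(timer > 0) {
				$('#counter').text(timer);
				timer--;
			}
			else {
				self.close();
			}
		}

		var timer = 2;
	</script>
<?php 
    instapaper_page_foot();
    die;
}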
开发者ID:rmccue,项目名称:Lilina,代码行数:59,代码来源:instapaper.php

示例3: check_for_csrf

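/**
 * Check the current request for a valid anti-CSRF nonce.
 *
 * The nonce is read from `$_REQUEST['nonce']` and verified with check_nonce().
 * The check is skipped entirely when the GSNOCSRF condition below says so.
 *
 * @param  string $action action to pass to check_nonce
 * @param  string $file   file to pass to check_nonce
 * @param  bool   $die    if false return instead of die
 * @return bool|null true when the nonce check failed and $die is false;
 *                   nothing (null) when the check passed or was skipped
 */
function check_for_csrf($action, $file = "", $die = true)
{
    // check for csrf
    // NOTE(review): GSNOCSRF switches CSRF protection off site-wide; getDef() is
    // defined elsewhere, so its exact semantics are not visible here - confirm.
    if (!getDef('GSNOCSRF', true) || GSNOCSRF == FALSE) {
        // A missing or non-string nonce (e.g. `nonce[]=x`) becomes an empty string,
        // so check_nonce() only ever receives a plain string and the request is
        // rejected through the normal failure path below.
        $nonce = (isset($_REQUEST['nonce']) && is_string($_REQUEST['nonce'])) ? $_REQUEST['nonce'] : '';
        if ($nonce === '' || !check_nonce($nonce, $action, $file)) {
            if ($die) {
                die("CSRF detected!");
            }
            // Callers passing $die = false must test this return value themselves.
            return true;
        }
    }
}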
开发者ID:promil23,项目名称:GetSimpleCMS,代码行数:20,代码来源:security_functions.php

示例4: check_for_csrf

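/**
 * Check the current request for a valid anti-CSRF nonce.
 *
 * On failure the `csrf` hook fires first. An AJAX request then gets the error
 * template and the script ends regardless of $die; any other request either
 * dies or returns true, depending on $die.
 *
 * @param  string $action action to pass to check_nonce
 * @param  string $file   file to pass to check_nonce
 * @param  bool   $die    if false return instead of die
 * @return bool   returns true if csrf check fails
 */
function check_for_csrf($action, $file = "", $die = true)
{
    // check for csrf
    // NOTE(review): GSNOCSRF switches CSRF protection off site-wide; getDef() is
    // defined elsewhere, so its exact semantics are not visible here - confirm.
    if (!getDef('GSNOCSRF', true)) {
        // A missing or non-string nonce (e.g. `nonce[]=x`) becomes an empty string,
        // so check_nonce() only ever receives a plain string and the request is
        // rejected through the normal failure path below.
        $nonce = (isset($_REQUEST['nonce']) && is_string($_REQUEST['nonce'])) ? $_REQUEST['nonce'] : '';
        if ($nonce === '' || !check_nonce($nonce, $action, $file)) {
            exec_action('csrf');
            // @hook csrf a csrf was detected
            if (requestIsAjax()) {
                // $error is not used in this function; presumably the included
                // template reads it - confirm.
                $error = i18n_r("CSRF", "CRSF Detected!");
                echo "<div>";
                // jquery bug will not parse 1 html element so we wrap it
                include 'template/error_checking.php';
                echo "</div>";
                die;
            }
            if ($die) {
                die(i18n_r("CSRF", "CRSF Detected!"));
            }
            // Callers passing $die = false must test this return value themselves.
            return true;
        }
    }
}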
开发者ID:kix23,项目名称:GetSimpleCMS,代码行数:30,代码来源:security_functions.php

示例5: check_nonce

<?php

$resp = \shgysk8zer0\Core\JSON_Response::load();
check_nonce();
switch (trim($_POST['form'])) {
    case 'login':
        $invalid = check_inputs(['user' => is_email($_POST['user']), 'password' => pattern('password')]);
        if (is_null($invalid)) {
            $login->loginWith(['user' => $_POST['user'], 'password' => $_POST['password']]);
            if ($login->logged_in) {
                $session->setUser($login->user)->setPassword($login->password)->setRole($login->role)->setLogged_In(true);
                $resp->close('#loginDialog')->disable('#main_menu [label=Login]')->enable('#main_menu menuitem[label=Logout]')->attributes('body > main', 'contextmenu', 'admin_menu')->notify('Welcome back,', $login->user);
            } else {
                $resp->notify('Login not accepted', 'Check your email & password', 'images/icons/people.png');
            }
        } else {
            $resp->notify('Login not accepted', 'Check your email & password', 'images/icons/people.png');
        }
        break;
    case 'compose_email':
        require_login('admin');
        $email = new \shgysk8zer0\Core\email(array_map('trim', explode(',', $_POST['compose_email']['to'])), trim($_POST['compose_email']['subject']), $_POST['compose_email']['message']);
        if ($email->send(true)) {
            $resp->notify('Success!', 'Email Sent', 'images/icons/envelope.png')->remove('#email_dialog');
        } else {
            $resp->notify('Failed!', 'Unable to send email, check your Internet connection', 'images/icons/envelope.png');
        }
        break;
    case 'email_admin':
        if (is_email($_POST['email_admin']['from'])) {
            $email = new \shgysk8zer0\Core\email($_SERVER['SERVER_ADMIN'], $_POST['email_admin']['subject'], strip_tags($_POST['email_admin']['message']));
开发者ID:gitter-badger,项目名称:chriszuber,代码行数:31,代码来源:form.php

示例6: strippath

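// Theme and file selection come from the query string. Both values go through
// strippath() (defined elsewhere) and are accepted only when they name an existing
// directory / file under theme/.
if (isset($_GET['t'])) {
    $_GET['t'] = strippath($_GET['t']);
    if ($_GET['t'] && is_dir($relative . 'theme/' . $_GET['t'] . '/')) {
        $TEMPLATE = $_GET['t'];
    }
}
if (isset($_GET['f'])) {
    $_GET['f'] = strippath($_GET['f']);
    if ($_GET['f'] && is_file($relative . 'theme/' . $TEMPLATE . '/' . $_GET['f'])) {
        $TEMPLATE_FILE = $_GET['f'];
    }
}
// Save?
if (isset($_POST['submitsave'])) {
    // CSRF check: a missing or non-string nonce is rejected like a wrong one.
    $nonce = (isset($_POST['nonce']) && is_string($_POST['nonce'])) ? $_POST['nonce'] : '';
    if ($nonce === '' || !check_nonce($nonce, "save")) {
        die("CSRF detected!");
    }
    $SavedFile = (isset($_POST['edited_file']) && is_string($_POST['edited_file'])) ? $_POST['edited_file'] : '';
    // `edited_file` is request data that becomes part of a path opened for writing.
    // Resolve the directory it points into and refuse anything outside theme/, so
    // `../` sequences cannot redirect the write elsewhere on disk.
    // NOTE(review): a symlink placed inside theme/ is still followed by fopen().
    $theme_root_real = realpath($relative . 'theme');
    $save_dir_real = realpath(dirname($relative . 'theme/' . $SavedFile));
    if ($SavedFile === '' || $theme_root_real === false || $save_dir_real === false
        || strpos($save_dir_real . DIRECTORY_SEPARATOR, $theme_root_real . DIRECTORY_SEPARATOR) !== 0) {
        die("Invalid file path");
    }
    $FileContents = isset($_POST['content']) ? stripslashes(htmlspecialchars_decode($_POST['content'], ENT_QUOTES)) : '';
    $fh = fopen($relative . 'theme/' . $SavedFile, 'w') or die("can't open file");
    fwrite($fh, $FileContents);
    fclose($fh);
    $success = sprintf($i18n['TEMPLATE_FILE'], $SavedFile);
}
// No template file?
if (!$TEMPLATE_FILE) {
    $TEMPLATE_FILE = 'template.php';
}
// Setup
$themes_path = $relative . 'theme';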
开发者ID:RobAnt,项目名称:GetSimple-Plugins,代码行数:31,代码来源:theme-edit.php

示例7: getXML

    $xml = getXML($file);
    $private = $xml->xpath('/item/private');
    $oldprivate = (string) $private[0];
    if ($oldprivate == null) {
        $private[0][0] = "Y";
        echo "P1";
    } else {
        $private[0][0] = '';
        echo "P0";
    }
    $bakfile = GSBACKUPSPATH . "pages/" . $id . ".bak.xml";
    copy($file, $bakfile);
    XMLsave($xml, $file);
    create_pagesxml(true);
}
if (check_nonce($nonce, "menu", "toggle.php")) {
    $file = GSDATAPAGESPATH . $id . ".xml";
    $xml = getXML($file);
    $status = $xml->xpath('/item/menuStatus');
    $oldstatus = (string) $status[0];
    if ($oldstatus == null) {
        $status[0][0] = "Y";
        echo "M1";
    } else {
        $status[0][0] = '';
        echo "M0";
    }
    $bakfile = GSBACKUPSPATH . "pages/" . $id . ".bak.xml";
    copy($file, $bakfile);
    XMLsave($xml, $file);
    create_pagesxml(true);
开发者ID:n00dles,项目名称:DM_PE_pagedit,代码行数:31,代码来源:toggle.php

示例8: unset

    }
    if (!validate_plugin($plugin_file)) {
        return false;
    }
    unset($current_plugins[md5($plugin_file)]);
    $data = new DataHandler();
    $data->save('plugins.data', serialize($current_plugins));
    return true;
}
// Plugin (de)activation is driven directly by request parameters.
// NOTE(review): no check_nonce() call guards either branch in this excerpt, while
// the settings branch that follows does verify `_nonce`. Because $_REQUEST also
// covers query-string parameters, a state change can be requested with a plain
// link unless activate_plugin()/deactivate_plugin() verify a nonce themselves
// (their full bodies are not visible here) - confirm, and require a nonce if not.
if (isset($_REQUEST['activate_plugin'])) {
    activate_plugin($_REQUEST['activate_plugin']);
} elseif (isset($_REQUEST['deactivate_plugin'])) {
    deactivate_plugin($_REQUEST['deactivate_plugin']);
}
if (!empty($_POST['action']) && $_POST['action'] == 'settings' && !empty($_POST['_nonce'])) {
    if (!check_nonce($_POST['_nonce'])) {
        lilina_nice_die('Nonces do not match.');
    }
    clear_html_cache();
    /** Needs better validation */
    if (!empty($_POST['sitename'])) {
        update_option('sitename', $_REQUEST['sitename']);
    }
    if (!empty($_POST['template'])) {
        update_option('template', $_REQUEST['template']);
    }
    if (!empty($_POST['locale'])) {
        update_option('locale', $_REQUEST['locale']);
    }
    if (!empty($_POST['timezone'])) {
        update_option('timezone', $_REQUEST['timezone']);
开发者ID:BackupTheBerlios,项目名称:oos-svn,代码行数:31,代码来源:settings.php

示例9: htmlentities

// Include common.php
include 'inc/common.php';
// check form referrer - needs siteurl and edit.php in it.
// NOTE(review): strpos() takes (haystack, needle), so both calls below search for
// the Referer header inside the site URL / inside "edit.php", and the script dies
// when it IS found. That looks like the reverse of the intent stated above -
// confirm. As written, a Referer longer than those strings never matches, so the
// check rejects almost nothing.
// The Referer header is client-controlled and the whole check is skipped when it
// is absent, so it is not a CSRF defence; the nonce check further down is.
if (isset($_SERVER['HTTP_REFERER'])) {
    if (!(strpos(str_replace('http://www.', '', $SITEURL), $_SERVER['HTTP_REFERER']) === false) || !(strpos("edit.php", $_SERVER['HTTP_REFERER']) === false)) {
        echo "<b>Invalid Referer</b><br />-------<br />";
        // The header is echoed back, so it is HTML-encoded first.
        echo 'Invalid Referer: ' . htmlentities($_SERVER['HTTP_REFERER'], ENT_QUOTES);
        die('Invalid Referer');
    }
}
login_cookie_check();
if (isset($_POST['submitted'])) {
    // check for csrf
    if (!defined('GSNOCSRF') || GSNOCSRF == FALSE) {
        $nonce = $_POST['nonce'];
        if (!check_nonce($nonce, "edit", "edit.php")) {
            die("CSRF detected!");
        }
    }
    if (trim($_POST['post-title']) == '') {
        redirect("edit.php?upd=edit-err&type=" . urlencode(i18n_r('CANNOT_SAVE_EMPTY')));
    } else {
        $url = "";
        $title = "";
        $metad = "";
        $metak = "";
        $cont = "";
        // is a slug provided?
        if ($_POST['post-id']) {
            $url = $_POST['post-id'];
            if (isset($i18n['TRANSLITERATION']) && is_array($translit = $i18n['TRANSLITERATION']) && count($translit > 0)) {
开发者ID:google-code-backups,项目名称:get-simple-cms,代码行数:31,代码来源:changedata.php

示例10: die

}
if ($p == 'delete') {
    // check for csrf
    if (!defined('GSNOCSRF') || GSNOCSRF == FALSE) {
        $nonce = $_GET['nonce'];
        if (!check_nonce($nonce, "delete", "backup-edit.php")) {
            die("CSRF detected!");
        }
    }
    delete_bak($id);
    redirect("backups.php?upd=bak-success&id=" . $id);
} elseif ($p == 'restore') {
    // check for csrf
    if (!defined('GSNOCSRF') || GSNOCSRF == FALSE) {
        $nonce = $_GET['nonce'];
        if (!check_nonce($nonce, "restore", "backup-edit.php")) {
            die("CSRF detected!");
        }
    }
    if (isset($_GET['new'])) {
        updateSlugs($_GET['new'], $id);
        restore_bak($id);
        $existing = GSDATAPAGESPATH . $_GET['new'] . ".xml";
        $bakfile = GSBACKUPSPATH . "pages/" . $_GET['new'] . ".bak.xml";
        copy($existing, $bakfile);
        unlink($existing);
        redirect("edit.php?id=" . $id . "&old=" . $_GET['new'] . "&upd=edit-success&type=restore");
    } else {
        restore_bak($id);
        redirect("edit.php?id=" . $id . "&upd=edit-success&type=restore");
    }
开发者ID:Emmett-Brown,项目名称:linea,代码行数:31,代码来源:backup-edit.php

示例11: foreach

                $success = $msg . '<br />';
            }
        }
        if (sizeof($errors) != 0) {
            foreach ($errors as $msg) {
                $error = $msg . '<br />';
            }
        }
    }
}
// if creating new folder
if (isset($_GET['newfolder'])) {
    // check for csrf
    if (!defined('GSNOCSRF') || GSNOCSRF == FALSE) {
        $nonce = $_GET['nonce'];
        if (!check_nonce($nonce, "createfolder")) {
            die("CSRF detected!");
        }
    }
    $newfolder = $_GET['newfolder'];
    // check for invalid chars
    $cleanname = clean_url(to7bit(strippath($newfolder), "UTF-8"));
    if (file_exists($path . $cleanname) || $cleanname == '') {
        $error = i18n_r('ERROR_FOLDER_EXISTS');
    } else {
        if (defined('GSCHMOD')) {
            $chmod_value = GSCHMOD;
        } else {
            $chmod_value = 0755;
        }
        if (mkdir($path . $cleanname, $chmod_value)) {
开发者ID:hatasu,项目名称:appdroid,代码行数:31,代码来源:upload.php

示例12: die

/**
 * Reset Password
 *
 * Resets the password for GetSimple control panel access
 *
 * @package GetSimple
 * @subpackage Login
 */
# setup inclusions
$load['plugin'] = true;
include 'inc/common.php';
if (isset($_POST['submitted'])) {
    // check for csrf
    if (!defined('GSNOCSRF') || GSNOCSRF == FALSE) {
        $nonce = $_POST['nonce'];
        if (!check_nonce($nonce, "reset_password")) {
            die("CSRF detected!");
        }
    }
    $randSleep = rand(250000, 2000000);
    // random sleep for .25 to 2 seconds
    if (isset($_POST['username']) and !empty($_POST['username'])) {
        # user filename
        $file = _id($_POST['username']) . '.xml';
        # get user information from existing XML file
        if (filepath_is_safe(GSUSERSPATH . $file, GSUSERSPATH)) {
            $data = simplexml_load_file(GSUSERSPATH . $file);
            $USR = strtolower($data->USR);
            $EMAIL = $data->EMAIL;
            if (strtolower($_POST['username']) == $USR) {
                # create new random password
开发者ID:elephantcode,项目名称:elephantcode,代码行数:31,代码来源:resetpassword.php

示例13: do_action

// Admin settings controller: plugin (de)activation and saving of options.
require_once 'admin.php';
require_once LILINA_PATH . '/admin/includes/settings.php';
do_action('register_options');
// NOTE(review): neither (de)activation branch calls check_nonce() here, and
// $_REQUEST also covers query-string parameters, so the state change can be
// requested with a plain link unless activate_plugin()/deactivate_plugin() or
// admin.php enforce a nonce themselves (not visible here) - confirm.
if (isset($_REQUEST['activate_plugin'])) {
    activate_plugin($_REQUEST['activate_plugin']);
    header('HTTP/1.1 302 Found', true, 302);
    header('Location: ' . get_option('baseurl') . 'admin/settings.php?activated=1');
    die;
} elseif (isset($_REQUEST['deactivate_plugin'])) {
    deactivate_plugin($_REQUEST['deactivate_plugin']);
    header('HTTP/1.1 302 Found', true, 302);
    header('Location: ' . get_option('baseurl') . 'admin/settings.php?deactivated=1');
    die;
}
// Settings are saved only for a POST carrying action=settings and a non-empty
// `_nonce`; a request with no nonce skips this branch without any error.
if (!empty($_POST['action']) && $_POST['action'] == 'settings' && !empty($_POST['_nonce'])) {
    // NOTE(review): the arguments are passed as (action, nonce); confirm this
    // matches the parameter order of this project's check_nonce().
    if (!check_nonce('settings', $_POST['_nonce'])) {
        lilina_nice_die('Nonces do not match.');
    }
    // Only option names on the AdminOptions whitelist are read from the request,
    // and each value passes through its `options-sanitize-<name>` filter first.
    $updatable_options = AdminOptions::instance()->whitelisted;
    foreach ($updatable_options as $option) {
        if (!empty($_POST[$option])) {
            $value = apply_filters('options-sanitize-' . $option, $_POST[$option]);
            update_option($option, $value);
        }
    }
    do_action('settings_after_update');
    header('HTTP/1.1 302 Found', true, 302);
    header('Location: ' . get_option('baseurl') . 'admin/settings.php?updated=1');
    die;
}
require_once LILINA_INCPATH . '/core/file-functions.php';
开发者ID:JocelynDelalande,项目名称:Lilina,代码行数:31,代码来源:settings.php

示例14: admin_view

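 /**
  * Callback attached in `admin_menu`: handles the backup/settings forms and
  * renders the admin view.
  *
  * A pre-set view or a missing authorization short-circuits to the matching
  * view. Otherwise a POST is acted on only when check_nonce() accepts the
  * submitted `_nonce` for the requested `_action` and this plugin's id.
  *
  * @callback
  * @return mixed result of _load_view() on the early-return paths, otherwise nothing
  */
 public function admin_view()
 {
     $data = array('archivers' => $this->_scan_archivers(), 'providers' => $this->_scan_providers(), 'frequencies' => $this->scheduler->frequencies());
     $view = 'admin';
     if ($this->_view !== NULL) {
         // FIXME: this could be prettier.
         return $this->_load_view($this->_view[0], $this->_view[1]);
     }
     // force authorization before plugin may be used.
     if (!$this->is_authorized()) {
         // show "authorize me" page
         return $this->_load_view('authorize', $data);
     }
     if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST') {
         // Missing or non-string fields (e.g. `_action[]=x`) are treated as absent,
         // so only plain strings reach check_nonce() and the dispatch below.
         $action = (isset($_POST['_action']) && is_string($_POST['_action'])) ? $_POST['_action'] : null;
         $nonce = (isset($_POST['_nonce']) && is_string($_POST['_nonce'])) ? $_POST['_nonce'] : null;
         $data['action'] = $action;
         // Obligatory CSRF check: nothing below may change state unless it passes.
         // A request without a nonce fails closed without calling check_nonce().
         if ($nonce !== null && check_nonce($nonce, $action, $this->_info['id'])) {
             // Take action!
             switch ($action) {
                 //
                 //	Create a backup
                 //
                 case 'backup':
                     // backup() result is treated as an error message when truthy.
                     if ($error = $this->backup()) {
                         $data['error'] = $error;
                     } else {
                         $data['updated'] = 'Site backed up';
                     }
                     break;
                 //
                 //	Update/save settings
                 //
                 case 'settings':
                     // NOTE(review): the result of _save() is not checked, so a failed
                     // save produces no error message for the user.
                     $this->_save($_POST);
                     break;
             }
         } elseif ($action) {
             // Failed CSRF test; shown to the user as a timeout.
             $data['error'] = 'Request timed out';
         }
     }
     // show "admin" page
     $this->_load_view($view, $data);
 }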
开发者ID:rjz,项目名称:getsimple-cloudbackup,代码行数:52,代码来源:cloudbackup.php

示例15: generate_sitemap

    generate_sitemap();
    # redirect back to yourself to show the new restored data
    redirect('settings.php?restored=true');
}
# was this page restored?
if (isset($_GET['restored'])) {
    $restored = 'true';
} else {
    $restored = 'false';
}
# was the form submitted?
if (isset($_POST['submitted'])) {
    # first check for csrf
    if (!defined('GSNOCSRF') || GSNOCSRF == FALSE) {
        $nonce = $_POST['nonce'];
        if (!check_nonce($nonce, "save_settings")) {
            die("CSRF detected!");
        }
    }
    # website-specific fields
    if (isset($_POST['sitename'])) {
        $SITENAME = htmlentities($_POST['sitename'], ENT_QUOTES, 'UTF-8');
    }
    if (isset($_POST['siteurl'])) {
        $SITEURL = tsl($_POST['siteurl']);
    }
    if (isset($_POST['permalink'])) {
        $PERMALINK = trim($_POST['permalink']);
    }
    if (isset($_POST['template'])) {
        $TEMPLATE = $_POST['template'];
开发者ID:Vin985,项目名称:clqweb,代码行数:31,代码来源:settings.php


注:本文中的check_nonce函数示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。