本文整理汇总了PHP中qa_check_form_security_code函数的典型用法代码示例。如果您正苦于以下问题:PHP qa_check_form_security_code函数的具体用法?PHP qa_check_form_security_code怎么用?PHP qa_check_form_security_code使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了qa_check_form_security_code函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: admin_form
/**
 * Build the admin options form for the theme and handle its "reset" button.
 *
 * A reset is only attempted when the posted 'code' field validates against the
 * 'donut/admin_options' form security code; otherwise the form carries the
 * "security expired" message instead.
 *
 * @param array $qa_content Page content array, passed by reference (not read or written in this method).
 * @return array Form definition with 'ok', 'fields', 'buttons' and 'hidden' keys.
 */
public function admin_form(&$qa_content)
{
    // Both flags stay false when the reset button was not pressed.
    $error = false;
    $saved = false;

    if (qa_clicked(self::RESET_BTN)) {
        // The state-changing reset is gated on the anti-CSRF form token.
        $codevalid = qa_check_form_security_code('donut/admin_options', qa_post_text('code'));

        if (!$codevalid) {
            $error = qa_lang_html('admin/form_security_expired');
        } elseif (donut_reset_all_options()) {
            $saved = true;
            qa_opt('donut_defaults_set_ok', 1);
        }
    }

    return array(
        'ok' => $saved ? donut_lang('options_reset') : null,
        'fields' => array(
            'simple_note' => array(
                'type' => 'static',
                'label' => donut_lang('admin_notes'),
                'error' => $error,
            ),
        ),
        'buttons' => array(
            array(
                'label' => qa_lang_html('admin/reset_options_button'),
                'tags' => 'NAME="' . self::RESET_BTN . '"',
            ),
        ),
        // A fresh token for the same action is embedded so the next submit can be verified.
        'hidden' => array(
            'code' => qa_get_form_security_code('donut/admin_options'),
        ),
    );
}
示例2: createQuestion
createQuestion($title, $content, $areaclass, $conclass, $tags);
$topath = qa_get('to');
if (isset($topath)) {
qa_redirect_raw("/" . $topath);
} else {
qa_redirect_raw('/');
}
}
}
} else {
qa_redirect_raw('/view/question.php');
}
}
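// Handle a submitted answer. Only requests without a logged-in user are processed in this branch.
if ($doanswer) {
    if (!qa_get_logged_in_userid()) {
        // The captcha only counts as solved when the session actually holds a non-empty
        // expected value: with no value stored, an empty submission must not compare as equal.
        // Strict comparison keeps numeric-looking strings from being compared as numbers.
        // NOTE(review): the expected value is not cleared here, so whether a solved captcha
        // can be reused depends on the code that generates it — confirm it is single-use.
        $expectedcaptcha = isset($_SESSION['VerifyCode']) ? strtolower((string) $_SESSION['VerifyCode']) : '';
        $givencaptcha = strtolower((string) qa_post_text('captcha'));
        $captchaok = strlen($expectedcaptcha) > 0 && $expectedcaptcha === $givencaptcha;

        // Treat the posted question id as an opaque string; anything that is not a scalar is dropped.
        $questionid = (isset($_POST['question']) && is_scalar($_POST['question'])) ? (string) $_POST['question'] : '';

        if (!qa_check_form_security_code('answer', qa_post_text('code')) || !$captchaok) {
            $errors['page'] = '验证码错误,请重试';
            // The id is URL-encoded so request data cannot add path segments or parameters to the Location.
            // NOTE(review): the message travels in ?error= — the target page must HTML-escape it when rendering.
            qa_redirect_raw('/questiondetail/' . rawurlencode($questionid) . '.html?error=' . urlencode($errors['page']));
        } else {
            $parentid = $questionid;
            $content = isset($_POST['content']) ? $_POST['content'] : '';
            createAnswer($parentid, $content);

            $topath = qa_get('to');
            if (isset($topath)) {
                // Keep the redirect on this site: a value with control characters is discarded, and
                // leading slashes/backslashes are stripped so the result is always a single-slash
                // local path rather than a scheme-relative URL.
                $localpath = preg_match('/[\x00-\x1f\x7f]/', $topath) ? '' : ltrim($topath, "/\\");
                qa_redirect_raw('/' . $localpath);
            } else {
                qa_redirect_raw('/');
            }
        }
    }
}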
示例3: qa_db_points_option_names
// Stop here (returning the content array) unless the admin privilege check passes.
if (!qa_admin_check_privileges($qa_content)) {
    return $qa_content;
}

// Process user actions
$securityexpired = false;
$recalculate = false;
$optionnames = qa_db_points_option_names();

if (qa_clicked('doshowdefaults')) {
    // Show the default value of every points option without saving anything.
    $options = array();

    foreach ($optionnames as $optionname) {
        $options[$optionname] = qa_default_option($optionname);
    }
} else {
    // "Cancel" takes precedence over "save and recalculate".
    if (!qa_clicked('docancel') && qa_clicked('dosaverecalc')) {
        if (qa_check_form_security_code('admin/points', qa_post_text('code'))) {
            // Every posted option is forced to an integer before it is stored.
            foreach ($optionnames as $optionname) {
                qa_set_option($optionname, (int) qa_post_text('option_' . $optionname));
            }

            if (qa_post_text('has_js')) {
                $recalculate = true;
            } else {
                qa_redirect('admin/recalc', array('dorecalcpoints' => 1));
            }
        } else {
            // Nothing is written when the form security code does not validate.
            $securityexpired = true;
        }
    }

    $options = qa_get_options($optionnames);
}
// Prepare content for theme
示例4: qa_page_q_edit_c_submit
/**
 * Process a submitted edit of a comment.
 *
 * Collects the posted fields into $in, verifies the form security code for
 * 'edit-<postid>', runs the 'filter_comment' filter modules and, when no errors
 * were reported, stores the new content.
 *
 * @param array $comment  The comment being edited (reads 'postid', 'isbyuser', 'userid', 'notify').
 * @param mixed $question Passed through to the filter modules and qa_comment_set_content().
 * @param mixed $parent   Passed through to the filter modules and qa_comment_set_content().
 * @param array $in       Output: the submitted values, reset at the start of the call.
 * @param array $errors   Output: errors keyed by field, reset before validation.
 * @return bool True if the comment was updated, false otherwise.
 */
function qa_page_q_edit_c_submit($comment, $question, $parent, &$in, &$errors)
{
    $commentid = $comment['postid'];
    $prefix = 'c' . $commentid . '_';

    $in = array();

    if ($comment['isbyuser']) {
        $in['name'] = qa_post_text($prefix . 'name');
        $in['notify'] = (bool) qa_post_text($prefix . 'notify');
        $in['email'] = qa_post_text($prefix . 'email');
    }

    // The 'silent' field is only read when the permission check reports no error.
    if (!qa_user_post_permit_error('permit_edit_silent', $comment)) {
        $in['silent'] = qa_post_text($prefix . 'silent');
    }

    qa_get_post_content($prefix . 'editor', $prefix . 'content', $in['editor'], $in['content'], $in['format'], $in['text']);

    // here the $in array only contains values for parts of the form that were displayed, so those are only ones checked by filters
    $errors = array();

    // Anti-CSRF token is bound to this comment's id; a mismatch ends processing before any filter runs.
    if (!qa_check_form_security_code('edit-' . $commentid, qa_post_text($prefix . 'code'))) {
        $errors['content'] = qa_lang_html('misc/form_security_again');
        return false;
    }

    $in['queued'] = qa_opt('moderate_edited_again') && qa_user_moderation_reason(qa_user_level_for_post($comment));

    foreach (qa_load_modules_with('filter', 'filter_comment') as $filtermodule) {
        $before = $in;
        $filtermodule->filter_comment($in, $errors, $question, $parent, $comment);
        qa_update_post_text($in, $before);
    }

    if (!empty($errors)) {
        return false;
    }

    $userid = qa_get_logged_in_userid();
    $handle = qa_get_logged_in_handle();
    $cookieid = qa_cookie_get();

    if (!isset($in['silent'])) {
        $in['silent'] = false;
    }

    if ($comment['isbyuser']) {
        $setnotify = qa_combine_notify_email($comment['userid'], $in['notify'], $in['email']);
    } else {
        $setnotify = $comment['notify'];
    }

    // 'name' is only present when the comment is by the user, hence the suppressed lookup.
    qa_comment_set_content($comment, $in['content'], $in['format'], $in['text'], $setnotify, $userid, $handle, $cookieid, $question, $parent, @$in['name'], $in['queued'], $in['silent']);

    return true;
}
示例5: qa_post_text
GNU General Public License for more details.
More about this license: http://www.question2answer.org/license.php
*/
require_once QA_INCLUDE_DIR . 'qa-app-users.php';
require_once QA_INCLUDE_DIR . 'qa-app-cookies.php';
require_once QA_INCLUDE_DIR . 'qa-app-votes.php';
require_once QA_INCLUDE_DIR . 'qa-app-format.php';
require_once QA_INCLUDE_DIR . 'qa-app-options.php';
require_once QA_INCLUDE_DIR . 'qa-db-selects.php';
// Inputs of the Ajax vote request, plus the identity the vote will be attributed to.
$postid = qa_post_text('postid');
$vote = qa_post_text('vote');
$code = qa_post_text('code');
$userid = qa_get_logged_in_userid();
$cookieid = qa_cookie_get();

// The post is only loaded, and the vote only evaluated, once the 'vote' form security code validates.
if (qa_check_form_security_code('vote', $code)) {
    $post = qa_db_select_with_pending(qa_db_full_post_selectspec($userid, $postid));
    $voteerror = qa_vote_error_html($post, $vote, $userid, qa_request());
} else {
    $voteerror = qa_lang_html('misc/form_security_reload');
}

if ($voteerror !== false) {
    // Failure response: status line 0 followed by the error HTML.
    echo "QA_AJAX_RESPONSE\n0\n" . $voteerror;
} else {
    qa_vote_set($post, $userid, qa_get_logged_in_handle(), $cookieid, $vote);

    // Re-read the post so the returned voting HTML reflects the vote just recorded.
    $post = qa_db_select_with_pending(qa_db_full_post_selectspec($userid, $postid));
    $fields = qa_post_html_fields($post, $userid, $cookieid, array(), null, array('voteview' => qa_get_vote_view($post, true)));
    $themeclass = qa_load_theme_class(qa_get_site_theme(), 'voting', null, null);

    echo "QA_AJAX_RESPONSE\n1\n";
    $themeclass->voting_inner_html($fields);
}
示例6: list
}
list($useraccount, $userprofile) = qa_db_select_with_pending(qa_db_user_account_selectspec($userid, true), qa_db_user_profile_selectspec($userid, true));
qa_report_event('u_save', $userid, $useraccount['handle'], qa_cookie_get());
if (empty($errors)) {
qa_redirect('account', array('state' => 'profile-saved'));
}
qa_logged_in_user_flush();
}
}
// Process change password if clicked
if (qa_clicked('dochangepassword')) {
require_once QA_INCLUDE_DIR . 'qa-app-users-edit.php';
$inoldpassword = qa_post_text('oldpassword');
$innewpassword1 = qa_post_text('newpassword1');
$innewpassword2 = qa_post_text('newpassword2');
if (!qa_check_form_security_code('password', qa_post_text('code'))) {
$errors['page'] = qa_lang_html('misc/form_security_again');
} else {
$errors = array();
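// Verify the current password before accepting a new one. The two check values are compared
// with !== rather than !=: a loose comparison treats numeric-looking strings (for example
// exponent notation) as numbers, so two different hex digests could compare as equal.
// NOTE(review): where the supported PHP version provides hash_equals(), it would also make
// this comparison constant-time.
if ($haspassword && strtolower(qa_db_calc_passcheck($inoldpassword, $useraccount['passsalt'])) !== strtolower($useraccount['passcheck'])) {
    $errors['oldpassword'] = qa_lang('users/password_wrong');
}

// The submitted old password is handed to the validator together with the account data
// (presumably so it can be compared against the new password — confirm in qa_password_validate).
$useraccount['password'] = $inoldpassword;
$errors = $errors + qa_password_validate($innewpassword1, $useraccount); // array union

// Strict comparison again: both values are posted strings and must match exactly,
// not merely be numerically equal.
if ($innewpassword1 !== $innewpassword2) {
    $errors['newpassword2'] = qa_lang('users/password_mismatch');
}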
if (empty($errors)) {
qa_db_user_set_password($userid, $innewpassword1);
qa_db_user_set($userid, 'sessioncode', '');
示例7: qa_wall_error_html
$wallposterrorhtml = qa_wall_error_html($loginuserid, $useraccount['userid'], $useraccount['flags']);

// Deletion: only messages flagged as deleteable are considered, and the request must carry
// the form security code issued for this user's wall.
foreach ($usermessages as $message) {
    if (!$message['deleteable'] || !qa_clicked('m' . $message['messageid'] . '_dodelete')) {
        continue;
    }

    if (qa_check_form_security_code('wall-' . $useraccount['handle'], qa_post_text('code'))) {
        qa_wall_delete_post($loginuserid, qa_get_logged_in_handle(), qa_cookie_get(), $message);
        qa_redirect(qa_request(), $_GET);
    } else {
        $errors['page'] = qa_lang_html('misc/form_security_again');
    }
}

// Posting: an empty message is rejected first, then the form security code is checked,
// and the post is only added when qa_wall_error_html() reported no error above.
if (qa_clicked('dowallpost')) {
    $inmessage = qa_post_text('message');

    if (strlen($inmessage) === 0) {
        $errors['message'] = qa_lang('profile/post_wall_empty');
    } elseif (!qa_check_form_security_code('wall-' . $useraccount['handle'], qa_post_text('code'))) {
        $errors['message'] = qa_lang_html('misc/form_security_again');
    } elseif (!$wallposterrorhtml) {
        qa_wall_add_post($loginuserid, qa_get_logged_in_handle(), qa_cookie_get(), $useraccount['userid'], $useraccount['handle'], $inmessage, '');
        qa_redirect(qa_request());
    }
}

// Prepare content for theme
$qa_content = qa_content_prepare();
$qa_content['title'] = qa_lang_html_sub('profile/wall_for_x', $userhtml);
$qa_content['error'] = @$errors['page'];
$qa_content['script_rel'][] = 'qa-content/qa-user.js?' . QA_VERSION;

// Values placed into HTML attributes and hidden fields go through qa_self_html()/qa_html();
// the hidden 'code' field carries the token that the handlers above verify.
$qa_content['message_list'] = array(
    'tags' => 'id="wallmessages"',
    'form' => array(
        'tags' => 'name="wallpost" method="post" action="' . qa_self_html() . '"',
        'style' => 'tall',
        'hidden' => array(
            'qa_click' => '',
            'handle' => qa_html($useraccount['handle']),
            'start' => qa_html($start),
            'code' => qa_get_form_security_code('wall-' . $useraccount['handle']),
        ),
    ),
    'messages' => array(),
);
if ($start == 0) {
// only allow posting on first page
if ($wallposterrorhtml) {
示例8: qa_get_logged_in_userid
return include QA_INCLUDE_DIR . 'qa-page-not-found.php';
}
// Find recently (hidden, queued or not) questions, answers, comments and edits for this IP.
// These selects are issued before the permission check below; when that check fails the
// code returns immediately.
$userid = qa_get_logged_in_userid();

list(
    $qs, $qs_queued, $qs_hidden,
    $a_qs, $a_queued_qs, $a_hidden_qs,
    $c_qs, $c_queued_qs, $c_hidden_qs,
    $edit_qs
) = qa_db_select_with_pending(
    qa_db_qs_selectspec($userid, 'created', 0, null, $ip, false),
    qa_db_qs_selectspec($userid, 'created', 0, null, $ip, 'Q_QUEUED'),
    qa_db_qs_selectspec($userid, 'created', 0, null, $ip, 'Q_HIDDEN', true),
    qa_db_recent_a_qs_selectspec($userid, 0, null, $ip, false),
    qa_db_recent_a_qs_selectspec($userid, 0, null, $ip, 'A_QUEUED'),
    qa_db_recent_a_qs_selectspec($userid, 0, null, $ip, 'A_HIDDEN', true),
    qa_db_recent_c_qs_selectspec($userid, 0, null, $ip, false),
    qa_db_recent_c_qs_selectspec($userid, 0, null, $ip, 'C_QUEUED'),
    qa_db_recent_c_qs_selectspec($userid, 0, null, $ip, 'C_HIDDEN', true),
    qa_db_recent_edit_qs_selectspec($userid, 0, null, $ip, false)
);

// Check we have permission to view this page, and whether we can block or unblock IPs
if (qa_user_maximum_permit_error('permit_anon_view_ips')) {
    $qa_content = qa_content_prepare();
    $qa_content['error'] = qa_lang_html('users/no_permission');

    return $qa_content;
}

// allow moderator in one category to block across all categories
$blockable = qa_user_level_maximum() >= QA_USER_LEVEL_MODERATOR;
// Perform blocking or unblocking operations as appropriate
if (qa_clicked('doblock') || qa_clicked('dounblock') || qa_clicked('dohideall')) {
if (!qa_check_form_security_code('ip-' . $ip, qa_post_text('code'))) {
$pageerror = qa_lang_html('misc/form_security_again');
} elseif ($blockable) {
if (qa_clicked('doblock')) {
$oldblocked = qa_opt('block_ips_write');
qa_set_option('block_ips_write', (strlen($oldblocked) ? $oldblocked . ' , ' : '') . $ip);
qa_report_event('ip_block', $userid, qa_get_logged_in_handle(), qa_cookie_get(), array('ip' => $ip));
qa_redirect(qa_request());
}
if (qa_clicked('dounblock')) {
require_once QA_INCLUDE_DIR . 'qa-app-limits.php';
$blockipclauses = qa_block_ips_explode(qa_opt('block_ips_write'));
foreach ($blockipclauses as $key => $blockipclause) {
if (qa_block_ip_match($ip, $blockipclause)) {
unset($blockipclauses[$key]);
}
示例9: array
exit;
}
require_once QA_INCLUDE_DIR . 'app/admin.php';
require_once QA_INCLUDE_DIR . 'app/recalc.php';
// Check we have administrative privileges
if (!qa_admin_check_privileges($qa_content)) {
    return $qa_content;
}

// Find out the operation. Only names on this allow-list can become $state.
$allowstates = array(
    'dorecountposts',
    'doreindexcontent',
    'dorecalcpoints',
    'dorefillevents',
    'dorecalccategories',
    'dodeletehidden',
    'doblobstodisk',
    'doblobstodb',
);

$recalcnow = false;

foreach ($allowstates as $allowstate) {
    // The operation name may arrive by POST or in the query string...
    if (!qa_post_text($allowstate) && !qa_get($allowstate)) {
        continue;
    }

    $state = $allowstate;

    // ...but it only runs straight away when a valid 'admin/recalc' form security code was POSTed with it.
    $code = qa_post_text('code');

    if (isset($code) && qa_check_form_security_code('admin/recalc', $code)) {
        $recalcnow = true;
    }
}
if ($recalcnow) {
?>
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
</head>
<body>
<tt>
<?php
示例10: qa_check_page_clicks
/**
 * Handle the "single click" actions that can be posted from any page: votes,
 * favorites and notice dismissals.
 *
 * The action and its target are encoded in the name of a POST field
 * ('vote_...', 'favorite_...', 'notice_...'). Each action is only carried out
 * when the posted 'code' validates as the form security code for that action;
 * otherwise the global $qa_page_error_html is set to the "security again" message.
 */
function qa_check_page_clicks()
{
    if (qa_to_override(__FUNCTION__)) {
        $args = func_get_args();
        return qa_call_override(__FUNCTION__, $args);
    }

    global $qa_page_error_html;

    // Nothing to do for requests that are not POSTs.
    if (!qa_is_http_post()) {
        return;
    }

    foreach ($_POST as $field => $value) {
        if (strpos($field, 'vote_') === 0) {
            // voting... field name is vote_<postid>_<vote>_<anchor>; missing parts come back unset
            @(list($dummy, $postid, $vote, $anchor) = explode('_', $field));

            if (!isset($postid, $vote)) {
                continue;
            }

            if (qa_check_form_security_code('vote', qa_post_text('code'))) {
                require_once QA_INCLUDE_DIR . 'app/votes.php';
                require_once QA_INCLUDE_DIR . 'db/selects.php';

                $userid = qa_get_logged_in_userid();
                $post = qa_db_select_with_pending(qa_db_full_post_selectspec($userid, $postid));
                $qa_page_error_html = qa_vote_error_html($post, $vote, $userid, qa_request());

                if (!$qa_page_error_html) {
                    qa_vote_set($post, $userid, qa_get_logged_in_handle(), qa_cookie_get(), $vote);
                    qa_redirect(qa_request(), $_GET, null, null, $anchor);
                }

                // A verified vote field ends the scan of the remaining POST fields.
                break;
            }

            $qa_page_error_html = qa_lang_html('misc/form_security_again');
        } elseif (strpos($field, 'favorite_') === 0) {
            // favorites... field name is favorite_<entitytype>_<entityid>_<favorite>
            @(list($dummy, $entitytype, $entityid, $favorite) = explode('_', $field));

            if (!isset($entitytype, $entityid, $favorite)) {
                continue;
            }

            // The token is bound to the specific entity being (un)favorited.
            if (qa_check_form_security_code('favorite-' . $entitytype . '-' . $entityid, qa_post_text('code'))) {
                require_once QA_INCLUDE_DIR . 'app/favorites.php';

                qa_user_favorite_set(qa_get_logged_in_userid(), qa_get_logged_in_handle(), qa_cookie_get(), $entitytype, $entityid, $favorite);
                qa_redirect(qa_request(), $_GET);
            } else {
                $qa_page_error_html = qa_lang_html('misc/form_security_again');
            }
        } elseif (strpos($field, 'notice_') === 0) {
            // notices... field name is notice_<noticeid>
            @(list($dummy, $noticeid) = explode('_', $field));

            if (!isset($noticeid)) {
                continue;
            }

            // The token is bound to the specific notice being dismissed.
            if (qa_check_form_security_code('notice-' . $noticeid, qa_post_text('code'))) {
                if ($noticeid == 'visitor') {
                    // Remember the dismissal in a cookie set to expire 3650 days from now.
                    setcookie('qa_noticed', 1, time() + 86400 * 3650, '/', QA_COOKIE_DOMAIN);
                } elseif ($noticeid == 'welcome') {
                    require_once QA_INCLUDE_DIR . 'db/users.php';
                    qa_db_user_set_flag(qa_get_logged_in_userid(), QA_USER_FLAGS_WELCOME_NOTICE, false);
                } else {
                    require_once QA_INCLUDE_DIR . 'db/notices.php';
                    qa_db_usernotice_delete(qa_get_logged_in_userid(), $noticeid);
                }

                qa_redirect(qa_request(), $_GET);
            } else {
                $qa_page_error_html = qa_lang_html('misc/form_security_again');
            }
        }
    }
}
示例11: qa_post_text
return $qa_content;
}
// Process submitted form
if (qa_clicked('doregister')) {
require_once QA_INCLUDE_DIR . 'app/limits.php';
if (qa_user_limits_remaining(QA_LIMIT_REGISTRATIONS)) {
require_once QA_INCLUDE_DIR . 'app/users-edit.php';
$inemail = qa_post_text('email');
$inpassword = qa_post_text('password');
$inhandle = qa_post_text('handle');
$interms = (int) qa_post_text('terms');
$inprofile = array();
foreach ($userfields as $userfield) {
$inprofile[$userfield['fieldid']] = qa_post_text('field_' . $userfield['fieldid']);
}
if (!qa_check_form_security_code('register', qa_post_text('code'))) {
$pageerror = qa_lang_html('misc/form_security_again');
} else {
// core validation
$errors = array_merge(qa_handle_email_filter($inhandle, $inemail), qa_password_validate($inpassword));
// T&Cs validation
if ($show_terms && !$interms) {
$errors['terms'] = qa_lang_html('users/terms_not_accepted');
}
// filter module validation
if (count($inprofile)) {
$filtermodules = qa_load_modules_with('filter', 'filter_profile');
foreach ($filtermodules as $filtermodule) {
$filtermodule->filter_profile($inprofile, $errors, null, null);
}
}
示例12: qa_fatal_error
// Check we're not using single-sign on integration and that we're not logged in
if (QA_FINAL_EXTERNAL_USERS) {
qa_fatal_error('User login is handled by external code');
}
if (qa_is_logged_in()) {
qa_redirect('');
}
// Process incoming form
if (qa_clicked('doreset')) {
require_once QA_INCLUDE_DIR . 'qa-app-users-edit.php';
require_once QA_INCLUDE_DIR . 'qa-db-users.php';
// Two different codes are posted: 'code' is the reset code compared with the account's stored
// emailcode further down, 'formcode' is the anti-CSRF form security code for the 'reset' action.
$inemailhandle = qa_post_text('emailhandle');
$incode = trim(qa_post_text('code'));
// trim to prevent passing in blank values to match uninitiated DB rows
$errors = array();
// The form security code is verified before any account lookup is made.
if (!qa_check_form_security_code('reset', qa_post_text('formcode'))) {
$errors['page'] = qa_lang_html('misc/form_security_again');
} else {
// Decide whether the identifier is looked up as an e-mail address or as a handle.
if (qa_opt('allow_login_email_only') || strpos($inemailhandle, '@') !== false) {
// handles can't contain @ symbols
$matchusers = qa_db_user_find_by_email($inemailhandle);
} else {
$matchusers = qa_db_user_find_by_handle($inemailhandle);
}
if (count($matchusers) == 1) {
// if match more than one (should be impossible), consider it a non-match
require_once QA_INCLUDE_DIR . 'qa-db-selects.php';
$inuserid = $matchusers[0];
$userinfo = qa_db_select_with_pending(qa_db_user_account_selectspec($inuserid, true));
// strlen() check is vital otherwise we can reset code for most users by entering the empty string
// NOTE(review): `==` between two strings compares them numerically when both look like numbers
// (e.g. exponent notation), so two different codes could compare as equal; `===` on the lowercased
// values would rule that out — confirm the alphabet used for emailcode before changing.
// NOTE(review): no attempt limiting is visible in this fragment — confirm that guesses at the
// reset code are rate-limited elsewhere.
if (strlen($incode) && strtolower(trim($userinfo['emailcode'])) == strtolower($incode)) {
示例13: cs_ajax_delete_featured_image
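/**
 * Ajax handler: remove a post's featured image — the 'featured_image' post meta entry
 * plus the image file and its "_s" thumbnail under the theme's uploads directory.
 *
 * Reads $_REQUEST['args'], split on '_': element 0 is checked as the form security code
 * for 'delete-image', element 1 is used as the post id. Nothing is done unless both
 * elements are present, the user level test passes and the code validates.
 * Request data is not echoed back in the response. Always terminates the script.
 *
 * NOTE(review): the security code is issued for the action 'delete-image' only, so it is
 * not bound to a particular post id.
 */
function cs_ajax_delete_featured_image()
{
    // Only a plain string is accepted; a missing or array-valued parameter becomes ''.
    $raw = (isset($_REQUEST['args']) && is_string($_REQUEST['args'])) ? strip_tags($_REQUEST['args']) : '';
    $args = explode('_', $raw);

    // NOTE(review): '>' admits only levels above QA_USER_LEVEL_ADMIN — confirm '>=' was not intended.
    if (count($args) >= 2
        && qa_get_logged_in_level() > QA_USER_LEVEL_ADMIN
        && qa_check_form_security_code('delete-image', $args[0])
    ) {
        require_once QA_INCLUDE_DIR . 'qa-db-metas.php';

        $postid = $args[1];
        $img = qa_db_postmeta_get($postid, 'featured_image');

        if (!empty($img)) {
            qa_db_postmeta_clear($postid, 'featured_image');

            // Defence in depth: the stored file name is used to build a path for unlink(), so a
            // value that could step out of the uploads directory (or contains a NUL byte) is not
            // followed on disk.
            if (is_string($img) && strpos($img, '..') === false && strpos($img, "\0") === false) {
                // "name.ext" -> "name_s.ext"
                $thumb_img = preg_replace('/(\\.[^.]+)$/', sprintf('%s$1', '_s'), $img);
                $thumb = Q_THEME_DIR . '/uploads/' . $thumb_img;
                $big_img = Q_THEME_DIR . '/uploads/' . $img;

                // is_file() so that only regular files are ever passed to unlink().
                if (is_file($big_img)) {
                    unlink($big_img);
                }
                if (is_file($thumb)) {
                    unlink($thumb);
                }
            }
        }
    }

    die;
}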
示例14: or
Description: Server-side response to Ajax single clicks on posts in admin section
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
More about this license: http://www.question2answer.org/license.php
*/
require_once QA_INCLUDE_DIR . 'qa-app-admin.php';
require_once QA_INCLUDE_DIR . 'qa-app-users.php';
require_once QA_INCLUDE_DIR . 'qa-app-cookies.php';
// Target and action of the admin single click, as posted by the Ajax request.
$entityid = qa_post_text('entityid');
$action = qa_post_text('action');

// The 'admin/click' form security code is verified first; the click itself is only
// attempted when it validates.
$codevalid = qa_check_form_security_code('admin/click', qa_post_text('code'));

if ($codevalid && qa_admin_single_click($entityid, $action)) {
    // permission check happens in here
    echo "QA_AJAX_RESPONSE\n1\n";
} else {
    // Status 0, with a message that tells an invalid code apart from a failed click.
    echo "QA_AJAX_RESPONSE\n0\n" . qa_lang($codevalid ? 'main/general_error' : 'misc/form_security_reload');
}
/*
Omit PHP closing tag to help avoid accidental output
*/
示例15: or
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
More about this license: http://www.question2answer.org/license.php
*/
require_once QA_INCLUDE_DIR . 'app/users.php';
require_once QA_INCLUDE_DIR . 'app/recalc.php';
// Both refusal paths report an empty state; it is only replaced once the request is accepted.
$state = '';

if (!(qa_get_logged_in_level() >= QA_USER_LEVEL_ADMIN)) {
    // Privilege check comes first: below admin level nothing else is evaluated.
    $message = qa_lang('admin/no_privileges');
} elseif (!qa_check_form_security_code('admin/recalc', qa_post_text('code'))) {
    $message = qa_lang('misc/form_security_reload');
} else {
    $state = qa_post_text('state');

    // Keep performing steps until one reports nothing more to do or the deadline
    // (3 seconds from now) has passed.
    $stoptime = time() + 3;

    do {
        $more = qa_recalc_perform_step($state);
    } while ($more && time() < $stoptime);

    $message = qa_recalc_get_message($state);
}

// The message is HTML-escaped; the state line is sent as is.
echo "QA_AJAX_RESPONSE\n1\n" . $state . "\n" . qa_html($message);
/*