当前位置: 首页>>代码示例>>PHP>>正文

PHP CSRF::ValidateToken方法代码示例

本文整理汇总了PHP中CSRF::ValidateToken方法的典型用法代码示例。如果您正苦于以下问题:PHP CSRF::ValidateToken方法的具体用法?PHP CSRF::ValidateToken怎么用?PHP CSRF::ValidateToken使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在CSRF的用法示例。


在下文中一共展示了CSRF::ValidateToken方法的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: doCheckLogin

function doCheckLogin()
{
    global $config;
    if (!isset($_POST[LOGIN_FORM_USERNAME]) || !isset($_POST[LOGIN_FORM_PASSWORD])) {
        return;
    }
    $username = trim(stripslashes(@$_POST[LOGIN_FORM_USERNAME]));
    $password = stripslashes(@$_POST[LOGIN_FORM_PASSWORD]);
    session_init();
    if (CSRF::isEnabled() && !isset($_SESSION[CSRF::SESSION_KEY])) {
        echo '<p style="color: red;">PHP Session seems to have failed!</p>';
        CSRF::ValidateToken();
        exit;
    }
    CSRF::ValidateToken();
    $password = md5($password);
    $config['user']->doLogin($username, $password);
    if ($config['user']->isOk() && getVar('error') == '') {
        // success
        $lastpage = getLastPage();
        if (strpos($lastpage, 'login') !== FALSE) {
            $lastpage = './';
        }
        ForwardTo($lastpage);
        exit;
    }
    unset($username, $password);
}
开发者ID:Furt,项目名称:WebAuctionPlus,代码行数:28,代码来源:login.php

示例2: doChangePassword

function doChangePassword()
{
    global $config;
    if (!isset($_POST[CHANGEPASS_FORM_PASSWORD]) || !isset($_POST[CHANGEPASS_FORM_CONFIRM])) {
        return NULL;
    }
    $password = trim(stripslashes(@$_POST[CHANGEPASS_FORM_PASSWORD]));
    $confirm = trim(stripslashes(@$_POST[CHANGEPASS_FORM_CONFIRM]));
    unset($_POST[CHANGEPASS_FORM_PASSWORD]);
    unset($_POST[CHANGEPASS_FORM_CONFIRM]);
    session_init();
    if (CSRF::isEnabled() && !isset($_SESSION[CSRF::SESSION_KEY])) {
        echo '<p style="color: red;">PHP Session seems to have failed!</p>';
        CSRF::ValidateToken();
        exit;
    }
    CSRF::ValidateToken();
    // check passwords match
    if ($password !== $confirm) {
        $_SESSION['error'][] = 'Passwords don\'t match. Please try again.';
        return FALSE;
    }
    // check password length
    if (strlen($password) < 6) {
        $_SESSION['error'][] = 'Password is to short, must be at least 6 characters long.';
        return FALSE;
    }
    // update password in database
    $result = $config['user']->ChangePassword(md5($password));
    // successful change
    if ($result !== FALSE) {
        // password has been changed
        $_SESSION['Temp Pass'] = FALSE;
        $lastpage = getLastPage();
        if (strpos($lastpage, 'login') !== FALSE || strpos($lastpage, 'changepass') !== FALSE) {
            $lastpage = './';
        }
        ForwardTo($lastpage);
        exit;
    }
    return FALSE;
}
开发者ID:GRANTSWIM4,项目名称:WebAuctionPlus-1.2,代码行数:42,代码来源:changepass.php

示例3: doCheckLogin

function doCheckLogin()
{
    global $config;
    if (!isset($_POST[LOGIN_FORM_USERNAME]) || !isset($_POST[LOGIN_FORM_PASSWORD])) {
        return NULL;
    }
    $username = trim(stripslashes(@$_POST[LOGIN_FORM_USERNAME]));
    $password = trim(stripslashes(@$_POST[LOGIN_FORM_PASSWORD]));
    unset($_POST[LOGIN_FORM_PASSWORD]);
    session_init();
    if (CSRF::isEnabled() && !isset($_SESSION[CSRF::SESSION_KEY])) {
        echo '<p style="color: red;">PHP Session seems to have failed!</p>';
        CSRF::ValidateToken();
        exit;
    }
    CSRF::ValidateToken();
    // check hashed password
    $result = $config['user']->doLogin($username, md5($password));
    // try temporary password
    if ($result !== TRUE && strlen($password) < 32) {
        //    unset($_GET['error']);
        $result = $config['user']->doLogin($username, $password);
        if ($result === TRUE && $config['user']->isOk() && getVar('error') == '') {
            $_SESSION['Temp Pass'] = TRUE;
            unset($_SESSION['error']);
        }
    }
    // successful login
    if ($result !== FALSE && $config['user']->isOk() && getVar('error') == '') {
        $lastpage = getLastPage();
        if (strpos($lastpage, 'login') !== FALSE) {
            $lastpage = './';
        }
        ForwardTo($lastpage);
        exit;
    }
    unset($username, $password);
    return TRUE;
}
开发者ID:GRANTSWIM4,项目名称:WebAuctionPlus-1.2,代码行数:39,代码来源:login.php

示例4: getLastPage

    if ($config['user']->isLocked()) {
        echo '<center><h2>Your inventory is currently locked.<br />Please close your in game inventory and try again.</h2><br /><a href="' . getLastPage() . '">Back to last page</a></center>';
        ForwardTo(getLastPage(), 4);
        exit;
    }
    // buy auction
    if (AuctionFuncs::BuyAuction(getVar('auctionid', 'int', 'post'), getVar('qty', 'int', 'post'))) {
        echo '<center><h2>Auction purchased successfully!</h2><br /><a href="' . getLastPage() . '">Back to last page</a></center>';
        ForwardTo(getLastPage(), 2);
        exit;
    }
    echo $config['error'];
    exit;
}
if ($config['action'] == 'cancel') {
    CSRF::ValidateToken();
    // inventory is locked
    if ($config['user']->isLocked()) {
        echo '<center><h2>Your inventory is currently locked.<br />Please close your in game inventory and try again.</h2><br /><a href="' . getLastPage() . '">Back to last page</a></center>';
        ForwardTo(getLastPage(), 4);
        exit;
    }
    // cancel auction
    if (AuctionFuncs::CancelAuction(getVar('auctionid', 'int', 'post'))) {
        echo '<center><h2>Auction canceled!</h2><br /><a href="' . getLastPage() . '">Back to last page</a></center>';
        ForwardTo(getLastPage(), 2);
        exit;
    }
    echo $config['error'];
    exit;
}
开发者ID:Furt,项目名称:WebAuctionPlus,代码行数:31,代码来源:auctions.php


注:本文中的CSRF::ValidateToken方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。