本文整理汇总了PHP中CSRF::getTokenID方法的典型用法代码示例。如果您正苦于以下问题:PHP CSRF::getTokenID方法的具体用法?PHP CSRF::getTokenID怎么用?PHP CSRF::getTokenID使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类CSRF
的用法示例。
在下文中一共展示了CSRF::getTokenID方法的9个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: createtask_POST
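/**
 * Step II of task creation: rebuild the step I form data, insert the Task and
 * store every remaining POST field as a TaskData row.
 *
 * Security notes:
 *  - 'formone' is a serialized blob that travelled through the browser, so it is
 *    attacker-controllable. It is decoded with allowed_classes => false (PHP 7.0+)
 *    so that no object can be instantiated while decoding (PHP object injection).
 *  - NOTE(review): even without objects, the client can still edit the blob and
 *    Task::fill() receives whatever keys it contains. Keeping step I data in the
 *    session, or signing the blob, would remove that trust in the client.
 *  - NOTE(review): all other POST keys are persisted as TaskData without an
 *    allow-list; confirm that is intended for every task type.
 *
 * @param Web $w request/response context
 */
function createtask_POST(Web &$w)
{
    $w->Task->navigation($w, "Create Task");

    // Decode the step I payload as plain data only; reject anything that is
    // not a serialized array instead of passing it on to Task::fill().
    $raw = $w->request('formone');
    $arr_req = is_string($raw) ? unserialize($raw, array('allowed_classes' => false)) : false;
    if (!is_array($arr_req)) {
        $w->msg("The Task could not be created. Please inform the IT Group", "/task/index/");
        return;
    }

    // Assignment timestamps are always set server-side to "now".
    $arr_req['dt_assigned'] = date('c');
    $arr_req['dt_first_assigned'] = date('c');

    // Insert the Task into the database.
    $task = new Task($w);
    $task->fill($arr_req);
    $task->insert();

    if (!$task->id) {
        // Insert failed: report it and stop.
        $w->msg("The Task could not be created. Please inform the IT Group", "/task/index/");
        return;
    }

    // Fields that must never be stored as task data: the step I blob, the flow
    // session id, the task id and the CSRF token field.
    $skip = array("formone", "FLOW_SID", "task_id", (string) CSRF::getTokenID());
    foreach ($_POST as $name => $value) {
        if (in_array((string) $name, $skip, true)) {
            continue;
        }
        $tdata = new TaskData($w);
        $tdata->fill(array("task_id" => $task->id, "key" => $name, "value" => $value));
        $tdata->insert();
    }

    // Return to the task view.
    $w->msg("Task " . $task->title . " added", "/task/viewtask/" . $task->id);
}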
示例2: configwidget_POST
/**
 * Save a widget's custom configuration from the submitted form.
 *
 * The whole POST body, minus the CSRF token field, is JSON-encoded into
 * custom_config. The token is stripped so it is not persisted with the widget.
 *
 * NOTE(review): no allow-list of config keys and no ownership check are visible
 * in this function; confirm both are enforced before this action runs.
 * NOTE(review): the redirect target is built from the "origin" path segment;
 * confirm pathMatch() cannot return a value that leaves the site.
 *
 * @param Web $w request/response context
 */
function configwidget_POST(Web $w)
{
    $params = $w->pathMatch("origin", "id");

    $widget = $w->Widget->getWidgetById($params["id"]);
    if (empty($widget->id)) {
        $w->error("Widget not found", "/{$params['origin']}");
    }

    // Drop the CSRF token field, keep every other posted value.
    $config = array_diff_key($_POST, array(CSRF::getTokenID() => true));

    $widget->custom_config = json_encode($config);
    $widget->update();

    $w->msg("Widget updated", "/{$params['origin']}");
}
示例3: editsettings_POST
/**
 * Store the posted form as the JSON settings of a channel processor.
 *
 * The CSRF token field is removed from the copy of $_POST when it carries a
 * non-empty value, so the token is not written into the settings.
 *
 * NOTE(review): the settings are taken from the request without an allow-list
 * of keys; confirm the processor validates them when they are read back.
 *
 * @param Web $w request/response context
 */
function editsettings_POST(Web $w)
{
    $w->setLayout(null);

    $params = $w->pathMatch("id");
    $processorId = $params["id"];
    if (!$processorId) {
        $w->error("Missing parameter in request", "/channels/listprocessors");
    }

    // Work on a copy of the request and strip the CSRF token from it.
    $settings = $_POST;
    $tokenField = CSRF::getTokenID();
    if (!empty($settings[$tokenField])) {
        unset($settings[$tokenField]);
    }

    $processor = $w->Channel->getProcessor($processorId);
    if (empty($processor->id)) {
        $w->error("Invalid processor ID", "/channels/listprocessors");
    }

    $processor->settings = json_encode($settings);
    $processor->update();

    $w->msg("Processor settings saved", "/channels/listprocessors");
}
示例4: starttimelog_ALL
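/**
 * Render the pop-up "Task Time Log" page and create or refresh the time log entry.
 *
 * First call (no 'started' field): creates a TaskTime entry for the task in the path.
 * Later calls (form auto-submits with started=yes): updates the end time of the
 * entry named by the posted logid.
 *
 * Security notes:
 *  - taskid, tasktitle, logid and comments come back from the browser on every
 *    refresh, so they are untrusted. Each one is escaped for the context it is
 *    written into (HTML text/attribute, or a URL path inside a script string).
 *  - The page title previously read $task->title, which is undefined on the
 *    refresh path; it now uses the same title variable as the rest of the page.
 *  - NOTE(review): the posted logid is loaded and updated without a visible check
 *    that the entry exists or belongs to the current user; confirm where that is
 *    enforced.
 *
 * @param Web $w request/response context
 */
function starttimelog_ALL(Web &$w)
{
    $p = $w->pathMatch("id");

    if (!empty($_POST['started']) && $_POST["started"] == "yes") {
        // Refresh: move the end time of the existing entry forward.
        $log = $w->Task->getTimeLogEntry($_POST['logid']);
        $log->dt_end = date("Y-m-d G:i");
        $log->update();

        // Page variables echoed back from the previous render (untrusted).
        $start = date("Y-m-d G:i", $log->dt_start);
        $end = $log->dt_end;
        $taskid = $_POST['taskid'];
        $tasktitle = $_POST['tasktitle'];
        $logid = $_POST['logid'];
    } else {
        // First call: create a new time log entry for the task.
        $task = $w->Task->getTask($p['id']);

        $arr = array();
        $arr["task_id"] = $task->id;
        $arr["creator_id"] = $_SESSION["user_id"];
        $arr["dt_created"] = date("d/m/Y");
        $arr["user_id"] = $_SESSION["user_id"];
        // Start and end are both "now" until the first refresh.
        $start = $arr["dt_start"] = date("Y-m-d G:i");
        $end = $arr["dt_end"] = date("Y-m-d G:i");

        $log = new TaskTime($w);
        $log->fill($arr);
        $log->insert();

        $taskid = $task->id;
        $tasktitle = $task->title;
        $logid = $log->id;
    }

    // HTML text/attribute escaping; non-scalar input renders as an empty string.
    $esc = function ($value) {
        return htmlspecialchars(is_scalar($value) ? (string) $value : '', ENT_QUOTES, 'UTF-8');
    };
    // The task id is written into a URL path inside a script string, so it is
    // percent-encoded rather than HTML-escaped.
    $taskidForUrl = rawurlencode(is_scalar($taskid) ? (string) $taskid : '');
    $comments = !empty($_POST['comments']) ? $esc($_POST['comments']) : '';

    // create page
    $html = "<html><head><title>Task Time Log - " . $esc($tasktitle) . "</title>"
        . "<style type=\"text/css\">"
        . "body { background-color: #8ad228; }"
        . "td { background-color: #ffffff; color: #000000; font-family: verdana, arial; font-weight: bold; font-size: .8em; }"
        . "td.startend { background-color: #d2efab; color: #000000; font-family: verdana, arial; font-weight: bold; font-size: .9em; }"
        . "td.timelog { background-color: #75ba4d; color: #000000; font-family: verdana, arial; font-weight: bold; font-size: .9em; }"
        . "td.tasktitle { background-color: #9fea72; color: #000000; font-family: verdana, arial; font-weight: bold; font-size: .8em; }"
        . "a { text-decoration: none; } "
        . "a:hover { color: #ffffff; } "
        . "</style>"
        . "<script language=\"javascript\">"
        . "var thedate = new Date();"
        . "thedate.setDate(thedate.getDate()+1);"
        . "document.cookie = \"thiswin=true;expires=\" + thedate.toGMTString() + \";path=/\";"
        . "function doUnLoading() {"
        . "\tvar thedate = new Date();"
        . "\tthedate.setDate(thedate.getDate()-1);"
        . "\tdocument.cookie = \"thiswin=true;expires=\" + thedate.toGMTString() + \";path=/\";"
        . "\tdocument.theForm.action = \"/task/endtimelog\";"
        . "\tdocument.theForm.submit();"
        . "}"
        . "function beforeUnLoading() {"
        . "\tdocument.theForm.restart.value = \"yes\";"
        . "\tdoUnLoading();"
        . "}"
        . "function goTask() {"
        . "\twindow.opener.location.href = \"/task/edit/" . $taskidForUrl . "\";"
        . "}"
        . "</script></head><body leftmargin=0 topmargin=0 marginwidth=0 marginheight=0 onbeforeunload=\"javascript: doUnLoading();\">"
        . "<form name=theForm action=\"/task/starttimelog\" method=POST>"
        . "<input type=\"hidden\" name=\"" . $esc(CSRF::getTokenID()) . "\" value=\"" . $esc(CSRF::getTokenValue()) . "\" />"
        . "<table cellpadding=2 cellspacing=2 border=0 width=100%>"
        . "<tr align=center><td colspan=2 class=timelog>Task Time Log</td></tr>"
        . "<tr align=center><td colspan=2 class=tasktitle><a title=\"View Task\" href=\"javascript: goTask();\">" . $esc($tasktitle) . "</a></td></tr>"
        . "<tr align=center><td width=50% class=startend>Start</td><td width=50% class=startend>Stop</td></tr>"
        . "<tr align=center><td>" . date("g:i a", strtotime($start)) . "</td><td>" . date("g:i a", strtotime($end)) . "</td></tr>"
        . "<tr align=center><td colspan=2 class=timelog> </td></tr>"
        . "<tr><td colspan=2 class=startend>Comments</td></tr>"
        . "<tr><td colspan=2 align=center><textarea name=comments rows=4 cols=40>" . $comments . "</textarea></td></tr>"
        . "<tr align=center>"
        . "<td class=timelog align=right><button id=end onClick=\"javascript: beforeUnLoading();\">Save Comments</button></td>"
        . "<td class=timelog align=left><button id=end onClick=\"javascript: doUnLoading();\">Stop Time Now</button></td>"
        . "</tr>"
        . "</table>"
        . "<input type=hidden name=started value=\"yes\">"
        . "<input type=hidden name=restart value=\"no\">"
        . "<input type=hidden name=taskid value=\"" . $esc($taskid) . "\">"
        . "<input type=hidden name=tasktitle value=\"" . $esc($tasktitle) . "\">"
        . "<input type=hidden name=logid value=\"" . $esc($logid) . "\">"
        . "</form>"
        . "<script language=javascript>"
        . "document.theForm.comments.focus();"
        . "var r = setTimeout('theForm.submit()',1000*60*5);"
        . "</script>"
        . "</body></html>";

    // output page without the site layout
    $w->setLayout(null);
    $w->out($html);
}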
示例5: start
/**
* start processing of request
* 1. look at the request parameter if the action parameter was set
* 2. if not set, look at the pathinfo and use first
*/
function start()
{
// Request entry point: opens the DB and session, ensures CSRF tokens exist,
// resolves module/submodule/action from the request path, validates the CSRF
// token, checks access and finally loads the action file.
// (The listing is truncated after the "no action found" branch.)
$this->initDB();
// start the session
// $sess = new SessionManager($this);
session_name(SESSION_NAME);
session_start();
// Initialise the logger (needs to log "info" to include the request data, see LogService __call function)
// NOTE(review): if request data is logged here, confirm that passwords and
// CSRF token fields are excluded from what LogService writes.
$this->Log->info("info");
// Generate CSRF tokens and store them in the $_SESSION
// (return values are discarded; the calls are made only for that side effect)
CSRF::getTokenID();
CSRF::getTokenValue();
$_SESSION['last_request'] = time();
//$this->debug("Start processing: ".$_SERVER['REQUEST_URI']);
// find out which module to use
$module_found = false;
$action_found = false;
$this->_paths = $this->_getCommandPath();
// based on request domain we can route everything to a frontend module
// look into the domain routing and prepend the module
// HTTP_HOST is supplied by the client; here it is only used as a lookup key
// into the configured 'domain.route' map, so an unknown host selects nothing.
$routing = Config::get('domain.route');
$domainmodule = isset($routing[$_SERVER['HTTP_HOST']]) ? $routing[$_SERVER['HTTP_HOST']] : null;
if (!empty($domainmodule)) {
$this->_loginpath = "auth";
$this->_isFrontend = true;
// now we have to decide whether the path points to
// a) a single top level action
// b) an action on a submodule
// but we need to make sure not to mistake a path parameter for a submodule or an action!
$domainsubmodules = $this->getSubmodules($domainmodule);
$action_or_module = !empty($this->_paths[0]) ? $this->_paths[0] : null;
// NOTE(review): array_search() is called without its strict flag, so the
// path segment is compared loosely against the submodule names.
if (!empty($domainsubmodules) && !empty($action_or_module) && array_search($action_or_module, $domainsubmodules) !== false) {
// just add the module to the first path entry, eg. frontend-page/1
$this->_paths[0] = $domainmodule . "-" . $this->_paths[0];
} else {
// add the module as an entry to the front of paths, eg. frontend/index
array_unshift($this->_paths, $domainmodule);
}
}
// continue as usual
// first find the module file
if ($this->_paths && sizeof($this->_paths) > 0) {
$this->_module = array_shift($this->_paths);
}
// then find the action
if ($this->_paths && sizeof($this->_paths) > 0) {
$this->_action = array_shift($this->_paths);
}
if (!$this->_module) {
$this->_module = $this->_defaultHandler;
}
// see if the module is a sub module
// eg. /sales-report/showreport/1..
$hsplit = explode("-", $this->_module);
$this->_module = array_shift($hsplit);
$this->_submodule = array_shift($hsplit);
// Check to see if the module is active (protect against main disabling)
if (null !== Config::get("{$this->_module}.active") && !Config::get("{$this->_module}.active") && $this->_module !== "main") {
$this->error("The {$this->_module} module is not active, you can change it's active state in it's config file.", "/");
}
if (!$this->_action) {
$this->_action = $this->_defaultAction;
}
// try to load the action file
// NOTE(review): module, submodule and action come from the request path and
// end up in a path passed to file_exists()/require_once. Confirm that
// _getCommandPath() and getModuleDir() restrict them to known module and
// action names so the path cannot leave the module directory.
$reqpath = $this->getModuleDir($this->_module) . 'actions/' . ($this->_submodule ? $this->_submodule . '/' : '') . $this->_action . '.php';
if (!file_exists($reqpath)) {
$reqpath = $this->getModuleDir($this->_module) . $this->_module . ($this->_submodule ? '.' . $this->_submodule : '') . ".actions.php";
}
// try to find action for the request type
// using <module>_<action>_<type>()
// or just <action>_<type>()
$this->_requestMethod = $_SERVER['REQUEST_METHOD'];
$actionmethods[] = $this->_action . '_' . $this->_requestMethod;
$actionmethods[] = $this->_action . '_ALL';
// Check/validate CSRF token
// Runs for every request, before the access check and before any action code
// is loaded; what validateCSRF() enforces per request method is not shown here.
$this->validateCSRF();
// Taking out the CSRF regeneration until more testing can be done
// NOTE(review): the disabled check compares against lower-case 'post', while
// the action suffixes built above use the raw REQUEST_METHOD value; verify the
// casing before re-enabling it.
// if ($this->_requestMethod == 'post') {
// CSRF::regenerate();
// }
//
// if a module file for this url exists, then start processing
//
if (file_exists($reqpath)) {
$this->ctx('webroot', $this->_webroot);
$this->ctx('module', $this->_module);
// NOTE(review): 'submodule' is set from _module, not _submodule; confirm intent.
$this->ctx('submodule', $this->_module);
$this->ctx('action', $this->_action);
// CHECK ACCESS!!
$this->checkAccess();
// will redirect if access denied!
// load the module file
require_once $reqpath;
} else {
// The logged path contains request-derived segments.
$this->Log->error("System: No Action found for: " . $reqpath);
//.........这里部分代码省略.........
示例6:
<?php
// Login form template. The hidden field carries the per-session CSRF token
// (field name from CSRF::getTokenID(), value from CSRF::getTokenValue()) so the
// POST to /auth/login can be validated server-side.
// NOTE(review): both values are echoed without HTML escaping; that is only safe
// if the CSRF class guarantees they contain no markup characters.
?>
<form method="POST" action="/auth/login">
<input type="hidden" name="<?= CSRF::getTokenID() ?>" value="<?= CSRF::getTokenValue() ?>" />
<label for="login">Login</label>
<input id="login" name="login" type="text" placeholder="Your login" />
<label for="password">Password</label>
<input id="password" name="password" type="password" placeholder="Your password" />
<button type="submit" class="button large-5 small-12">Login</button>
<button type="button" onclick="window.location.href='/auth/forgotpassword';" class="button alert large-5 small-12 right">Forgot Password</button>
</form>
示例7: edit_POST
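/**
 * Create or update a task from an AJAX form post and sync its extra task_data.
 *
 * $_POST['edit'] holds the task fields, $_POST['extra'] the key => value pairs
 * stored as TaskData. The new or existing task id is written to the response.
 *
 * Changes from the original:
 *  - The CSRF token field is removed from the extra data up front. Before, it
 *    was only removed while looping over existing task_data, so a task without
 *    existing data could have the token stored as a TaskData row.
 *  - A missing or non-array 'edit' / 'extra' is treated as empty instead of
 *    being passed to fill() or foreach.
 *  - Works on a local copy instead of mutating $_POST, and drops an unused
 *    getTaskData() lookup.
 *
 * NOTE(review): fill() receives client-chosen keys; confirm Task::fill() only
 * accepts fields a user may set (mass assignment).
 * NOTE(review): no check is visible here that the task exists or that the
 * current user may edit it; confirm where that is enforced.
 *
 * @param Web $w request/response context
 */
function edit_POST($w)
{
    $p = $w->pathMatch("id");
    $task = !empty($p["id"]) ? $w->Task->getTask($p["id"]) : new Task($w);

    $edit = (isset($_POST['edit']) && is_array($_POST['edit'])) ? $_POST['edit'] : array();
    $task->fill($edit);
    // Force the assignee to an integer regardless of what was posted.
    $task->assignee_id = isset($edit['assignee_id']) ? intval($edit['assignee_id']) : 0;
    if (empty($task->dt_due)) {
        $task->dt_due = $w->Task->getNextMonth();
    }
    $task->insertOrUpdate();

    // Tell the template what the task id is (this post action is being called via ajax)
    $w->setLayout(null);
    $w->out($task->id);

    // Extra fields to store, never including the CSRF token.
    $extra = (isset($_POST["extra"]) && is_array($_POST["extra"])) ? $_POST["extra"] : array();
    unset($extra[\CSRF::getTokenID()]);

    // Update existing task_data rows whose key was posted again.
    $existing_task_data = $w->Task->getTaskData($task->id);
    if (!empty($existing_task_data)) {
        foreach ($existing_task_data as $e_task_data) {
            $key = $e_task_data->data_key;
            if ($key !== null && array_key_exists($key, $extra)) {
                $e_task_data->value = $extra[$key];
                $e_task_data->update();
                // Handled: must not be inserted again below.
                unset($extra[$key]);
            }
            // Rows whose key was not posted are left untouched.
        }
    }

    // Insert whatever is left as new task_data rows.
    foreach ($extra as $key => $data) {
        $tdata = new TaskData($w);
        $tdata->task_id = $task->id;
        $tdata->data_key = $key;
        $tdata->value = $data;
        $tdata->insert();
    }
}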
示例8: open
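/**
 * Build the opening <form> tag, followed by the hidden CSRF field for POST forms.
 *
 * Only non-empty properties are emitted, in a fixed attribute order.
 *
 * Changes from the original:
 *  - Attribute values are HTML-escaped (quotes included), so a value containing
 *    a single quote can no longer close the attribute and add markup.
 *    Existing entities such as &amp; are not encoded a second time.
 *  - The method check is case-insensitive. HTML treats method="post" and
 *    method="POST" alike, but the old comparison skipped the CSRF field for
 *    anything other than upper-case "POST".
 *
 * @return string HTML for the form start
 */
public function open()
{
    // attribute name => property holding its value
    $attributes = array(
        "accept-charset" => "accept_charset",
        "action" => "action",
        "autocomplete" => "autocomplete",
        "enctype" => "enctype",
        "method" => "method",
        "name" => "name",
        "novalidate" => "novalidate",
        "target" => "target",
        "id" => "id",
        "class" => "_class",
    );

    $escape = function ($value) {
        // double_encode = false keeps already-escaped values unchanged
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', false);
    };

    $buffer = "<form ";
    foreach ($attributes as $attribute => $property) {
        if (!empty($this->{$property})) {
            $buffer .= $attribute . "='" . $escape($this->{$property}) . "' ";
        }
    }
    $buffer .= " >";

    // Automatically print CSRF token
    if (class_exists("CSRF") && !empty($this->method) && strtoupper((string) $this->method) === "POST") {
        $buffer .= "<input type='hidden' name='" . $escape(\CSRF::getTokenID()) . "' value='" . $escape(\CSRF::getTokenValue()) . "' />";
    }
    return $buffer;
}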
示例9: function
comment_section.append(replyForm);
$("#textarea_comment").focus();
$('#comment_reply_form').submit(function() {
$.ajax({
url : '/admin/ajaxSaveComment/' + comment_id,
type : 'POST',
data : {
'redirect': '<?php
echo $redirect;
?>
',
'comment': $('#textarea_comment').val(),
'<?php
echo \CSRF::getTokenID();
?>
': '<?php
echo \CSRF::getTokenValue();
?>
'
},
complete: function(comment_response) {
toggleModalLoading();
window.location.reload();
// cancelReply(replyForm);
// replyForm.remove();
// delete replyForm;
//
// comment_section.append(comment_response.responseText);