本文整理汇总了PHP中CSRF::isEnabled方法的典型用法代码示例。如果您正苦于以下问题:PHP CSRF::isEnabled方法的具体用法?PHP CSRF::isEnabled怎么用?PHP CSRF::isEnabled使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类CSRF的用法示例。
在下文中一共展示了CSRF::isEnabled方法的3个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: doCheckLogin
function doCheckLogin()
{
global $config;
if (!isset($_POST[LOGIN_FORM_USERNAME]) || !isset($_POST[LOGIN_FORM_PASSWORD])) {
return;
}
$username = trim(stripslashes(@$_POST[LOGIN_FORM_USERNAME]));
$password = stripslashes(@$_POST[LOGIN_FORM_PASSWORD]);
session_init();
if (CSRF::isEnabled() && !isset($_SESSION[CSRF::SESSION_KEY])) {
echo '<p style="color: red;">PHP Session seems to have failed!</p>';
CSRF::ValidateToken();
exit;
}
CSRF::ValidateToken();
$password = md5($password);
$config['user']->doLogin($username, $password);
if ($config['user']->isOk() && getVar('error') == '') {
// success
$lastpage = getLastPage();
if (strpos($lastpage, 'login') !== FALSE) {
$lastpage = './';
}
ForwardTo($lastpage);
exit;
}
unset($username, $password);
}示例2: doChangePassword
function doChangePassword()
{
global $config;
if (!isset($_POST[CHANGEPASS_FORM_PASSWORD]) || !isset($_POST[CHANGEPASS_FORM_CONFIRM])) {
return NULL;
}
$password = trim(stripslashes(@$_POST[CHANGEPASS_FORM_PASSWORD]));
$confirm = trim(stripslashes(@$_POST[CHANGEPASS_FORM_CONFIRM]));
unset($_POST[CHANGEPASS_FORM_PASSWORD]);
unset($_POST[CHANGEPASS_FORM_CONFIRM]);
session_init();
if (CSRF::isEnabled() && !isset($_SESSION[CSRF::SESSION_KEY])) {
echo '<p style="color: red;">PHP Session seems to have failed!</p>';
CSRF::ValidateToken();
exit;
}
CSRF::ValidateToken();
// check passwords match
if ($password !== $confirm) {
$_SESSION['error'][] = 'Passwords don\'t match. Please try again.';
return FALSE;
}
// check password length
if (strlen($password) < 6) {
$_SESSION['error'][] = 'Password is to short, must be at least 6 characters long.';
return FALSE;
}
// update password in database
$result = $config['user']->ChangePassword(md5($password));
// successful change
if ($result !== FALSE) {
// password has been changed
$_SESSION['Temp Pass'] = FALSE;
$lastpage = getLastPage();
if (strpos($lastpage, 'login') !== FALSE || strpos($lastpage, 'changepass') !== FALSE) {
$lastpage = './';
}
ForwardTo($lastpage);
exit;
}
return FALSE;
}示例3: doCheckLogin
function doCheckLogin()
{
global $config;
if (!isset($_POST[LOGIN_FORM_USERNAME]) || !isset($_POST[LOGIN_FORM_PASSWORD])) {
return NULL;
}
$username = trim(stripslashes(@$_POST[LOGIN_FORM_USERNAME]));
$password = trim(stripslashes(@$_POST[LOGIN_FORM_PASSWORD]));
unset($_POST[LOGIN_FORM_PASSWORD]);
session_init();
if (CSRF::isEnabled() && !isset($_SESSION[CSRF::SESSION_KEY])) {
echo '<p style="color: red;">PHP Session seems to have failed!</p>';
CSRF::ValidateToken();
exit;
}
CSRF::ValidateToken();
// check hashed password
$result = $config['user']->doLogin($username, md5($password));
// try temporary password
if ($result !== TRUE && strlen($password) < 32) {
// unset($_GET['error']);
$result = $config['user']->doLogin($username, $password);
if ($result === TRUE && $config['user']->isOk() && getVar('error') == '') {
$_SESSION['Temp Pass'] = TRUE;
unset($_SESSION['error']);
}
}
// successful login
if ($result !== FALSE && $config['user']->isOk() && getVar('error') == '') {
$lastpage = getLastPage();
if (strpos($lastpage, 'login') !== FALSE) {
$lastpage = './';
}
ForwardTo($lastpage);
exit;
}
unset($username, $password);
return TRUE;
}