本文整理汇总了PHP中PhabricatorUser::getCSRFToken方法的典型用法代码示例。如果您正苦于以下问题:PHP PhabricatorUser::getCSRFToken方法的具体用法?PHP PhabricatorUser::getCSRFToken怎么用?PHP PhabricatorUser::getCSRFToken使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类PhabricatorUser的用法示例。
在下文中一共展示了PhabricatorUser::getCSRFToken方法的3个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: phabricator_render_form
function phabricator_render_form(PhabricatorUser $user, $attributes, $content)
{
if (strcasecmp(idx($attributes, 'method'), 'POST') == 0 && !preg_match('#^(https?:|//)#', idx($attributes, 'action'))) {
$content = phutil_render_tag('input', array('type' => 'hidden', 'name' => AphrontRequest::getCSRFTokenName(), 'value' => $user->getCSRFToken())) . phutil_render_tag('input', array('type' => 'hidden', 'name' => '__form__', 'value' => true)) . $content;
}
return javelin_render_tag('form', $attributes, $content);
}示例2: phabricator_form
function phabricator_form(PhabricatorUser $user, $attributes, $content)
{
$body = array();
$http_method = idx($attributes, 'method');
$is_post = strcasecmp($http_method, 'POST') === 0;
$http_action = idx($attributes, 'action');
$is_absolute_uri = preg_match('#^(https?:|//)#', $http_action);
if ($is_post) {
// NOTE: We only include CSRF tokens if a URI is a local URI on the same
// domain. This is an important security feature and prevents forms which
// submit to foreign sites from leaking CSRF tokens.
// In some cases, we may construct a fully-qualified local URI. For example,
// we can construct these for download links, depending on configuration.
// These forms do not receive CSRF tokens, even though they safely could.
// This can be confusing, if you're developing for Phabricator and
// manage to construct a local form with a fully-qualified URI, since it
// won't get CSRF tokens and you'll get an exception at the other end of
// the request which is a bit disconnected from the actual root cause.
// However, this is rare, and there are reasonable cases where this
// construction occurs legitimately, and the simplest fix is to omit CSRF
// tokens for these URIs in all cases. The error message you receive also
// gives you some hints as to this potential source of error.
if (!$is_absolute_uri) {
$body[] = phutil_tag('input', array('type' => 'hidden', 'name' => AphrontRequest::getCSRFTokenName(), 'value' => $user->getCSRFToken()));
$body[] = phutil_tag('input', array('type' => 'hidden', 'name' => '__form__', 'value' => true));
}
}
if (is_array($content)) {
$body = array_merge($body, $content);
} else {
$body[] = $content;
}
return javelin_tag('form', $attributes, $body);
}示例3: phabricator_render_form
function phabricator_render_form(PhabricatorUser $user, $attributes, $content)
{
return javelin_render_tag('form', $attributes, phutil_render_tag('input', array('type' => 'hidden', 'name' => AphrontRequest::getCSRFTokenName(), 'value' => $user->getCSRFToken())) . phutil_render_tag('input', array('type' => 'hidden', 'name' => '__form__', 'value' => true)) . $content);
}