本文整理汇总了PHP中Security::csrf方法的典型用法代码示例。如果您正苦于以下问题：PHP Security::csrf方法的具体用法？PHP Security::csrf怎么用？PHP Security::csrf使用的例子？那么，这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类Security的用法示例。
在下文中一共展示了Security::csrf方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: action_edit
/**
* Action: edit
*/
public function action_edit()
{
    $this->history = false;

    // Resolve the role: a non-zero "id" route parameter edits an existing role, anything else
    // creates a new one. Each path asks Permission::required() for the matching permission.
    $id = (int) $this->request->param('id', 0);
    if (!$id) {
        $role = Model_Role::factory();
        Permission::required($role, Model_Role::PERMISSION_CREATE, self::$user);
    } else {
        $role = Model_Role::factory($id);
        if (!$role->loaded()) {
            throw new Model_Exception($role, $id);
        }
        Permission::required($role, Model_Role::PERMISSION_UPDATE, self::$user);
    }

    // Handle the submitted form.
    // NOTE(review): unlike the delete link built below, this POST branch saves the role without
    // checking a CSRF token (no Security::csrf_valid() or equivalent is visible in this method).
    // Confirm the token is validated elsewhere; otherwise a cross-site form post made with the
    // visitor's session could create or change roles.
    $errors = array();
    if ($_POST) {
        $role->name        = Arr::get($_POST, 'name');
        $role->description = Arr::get($_POST, 'description');

        try {
            $role->save();
            $this->request->redirect(Route::url('roles'));
        } catch (Validation_Exception $invalid) {
            // Validation failed: keep the messages so the form can show them again.
            $errors = $invalid->array->errors('validate');
        }
    }

    // Page title, with the role name appended once the role has one.
    // NOTE(review): the name is concatenated unescaped; whether View_Page escapes its title is
    // not visible here - confirm, or pass it through HTML::chars() first.
    $title = __('Role');
    if ($role->name) {
        $title .= ': ' . $role->name;
    }
    $this->view = View_Page::factory($title);

    // Offer "Delete role" only for a stored role the current user may delete.
    // NOTE(review): the delete action is reached through a GET link with the CSRF token in the
    // query string, where it can be recorded in server logs, browser history and Referer
    // headers; a POST form carrying the token in its body avoids that exposure.
    $can_delete = $role->loaded() && Permission::has($role, Model_Role::PERMISSION_DELETE, self::$user);
    if ($can_delete) {
        $delete_link = Route::model($role, 'delete') . '?token=' . Security::csrf();
        $this->page_actions[] = array(
            'link'  => $delete_link,
            'text'  => '<i class="icon-trash icon-white"></i> ' . __('Delete role'),
            'class' => 'btn btn-danger role-delete',
        );
    }

    $form = $this->section_role($role, $errors);
    $this->view->add(View_Page::COLUMN_MAIN, $form);
}
示例2: actions
/**
* Get favorites.
*
* @return array
*/
public function actions()
{
    // Returns a one-element array holding the favorite control, or null when there is nothing
    // to show (no permission and no favorites yet).
    $heart = '<i class="fa fa-heart"></i>';

    // Visitors who may not favorite the event only get a disabled counter.
    if (!Permission::has($this->event, Model_Event::PERMISSION_FAVORITE)) {
        if (!$this->event->favorite_count) {
            return null;
        }

        return array('<span class="btn btn-xs btn-default disabled">' . $heart . ' ' . $this->event->favorite_count . '</span>');
    }

    // NOTE(review): both links below change state through a GET request and carry the CSRF
    // token in the query string, where it can end up in logs, history and Referer headers.
    // Confirm the favorite/unfavorite actions validate the token.

    // Already a favorite: the link removes it.
    if ($this->event->is_favorite(Visitor::$user)) {
        $url = Route::model($this->event, 'unfavorite') . '?token=' . Security::csrf();

        return array(HTML::anchor(
            $url,
            $this->event->favorite_count . ' ' . $heart,
            array('title' => __('Remove favorite'), 'class' => 'ajaxify btn btn-xs btn-lovely')
        ));
    }

    // Not a favorite yet: the counter is shown only when more than one user has favorited.
    $url = Route::model($this->event, 'favorite') . '?token=' . Security::csrf();
    if ($this->event->favorite_count > 1) {
        $label = $this->event->favorite_count . ' ' . $heart;
        $class = 'ajaxify btn btn-xs btn-default';
    } else {
        $label = $heart;
        $class = 'ajaxify btn btn-xs btn-default text-muted';
    }

    return array(HTML::anchor($url, $label, array('title' => __('Add to favorites'), 'class' => $class)));
}
示例3: render
/**
* Render view.
*
* @return string
*/
public function render()
{
// Buffer the inline template below so the markup is returned as a string rather than sent
// straight to the client.
ob_start();
?>
<li class="media">
<div class="pull-left">
<?php
// Avatar of the listed user, built by the HTML helper from the light user array.
echo HTML::avatar($this->user['avatar'], $this->user['username']);
?>
</div>
<div class="media-body">
<?php
// The "Add to friends" button is shown only when Visitor::$user is set and that visitor is
// not already a friend of the listed user.
if (Visitor::$user && !Visitor::$user->is_friend($this->user)) {
?>
<?php
// The friend request is a plain GET link with the CSRF token in its query string.
// NOTE(review): a token in the URL can be recorded in server logs, browser history and
// Referer headers - confirm the 'friend' action validates it, and prefer a POST body for it.
echo HTML::anchor(URL::user($this->user, 'friend') . '?token=' . Security::csrf(), '<i class="fa fa-heart"></i> ' . __('Add to friends'), array('class' => 'ajaxify btn btn-lovely btn-sm pull-right', 'data-ajaxify-target' => 'li.media'));
?>
<?php
}
?>
<?php
// Linked user name, rendered by the HTML helper.
echo HTML::user($this->user);
?>
<br />
<?php
// Mutual friend count, printed only when it is non-zero.
if ($this->common) {
?>
<small><?php
echo __(':friends mutual friends', array(':friends' => $this->common));
?>
</small><br />
<?php
}
?>
</div>
</li>
<?php
// Hand back the captured markup and discard the buffer.
return ob_get_clean();
}
示例4: content
/**
* Render view.
*
* @return string
*/
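public function content()
{
    // Capture the inline template below and return it as a string.
    ob_start();

    // Collect the ignored users keyed by username so ksort() can order the list alphabetically.
    $ignores = array();
    foreach ($this->user->find_ignores() as $ignore_id) {
        $ignore = Model_User::find_user_light($ignore_id);

        // Key on the user that was just loaded. Reading 'username' from the $ignores accumulator
        // (an index that never exists) would file every user under the same key, so only the
        // last ignored user would be listed.
        $ignores[$ignore['username']] = $ignore;
    }
    ksort($ignores, SORT_LOCALE_STRING);
?>
<ul class="media-list">
<?php
    foreach ($ignores as $ignore) {
?>
<li class="media">
<div class="pull-left">
<?php
        echo HTML::avatar($ignore['avatar'], $ignore['username']);
?>
</div>
<div class="media-body">
<?php
        echo HTML::user($ignore);
?>
<br />
<?php
        // NOTE(review): "Unignore" is a GET link carrying the CSRF token in its query string,
        // where it can be recorded in logs, history and Referer headers. Confirm the 'unignore'
        // action validates the token.
        echo HTML::anchor(URL::user($ignore, 'unignore') . '?token=' . Security::csrf(), '<i class="fa fa-ban"></i> ' . __('Unignore'), array('class' => 'btn btn-default btn-sm ignore-delete'));
?>
</div>
</li>
<?php
    }
?>
</ul>
<?php
    return ob_get_clean();
}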
示例5: content
/**
* Render view.
*
* @return string
*/
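public function content()
{
    // Capture the inline template below and return it as a string.
    ob_start();

    // Collect the ignored users keyed by username so ksort() can order the list alphabetically.
    $ignores = array();
    foreach ($this->user->find_ignores() as $ignore_id) {
        $ignore = Model_User::find_user_light($ignore_id);

        // Key on the user that was just loaded. Reading 'username' from the $ignores accumulator
        // (an index that never exists) would file every user under the same key, so only the
        // last ignored user would be listed.
        $ignores[$ignore['username']] = $ignore;
    }
    ksort($ignores, SORT_LOCALE_STRING);
?>
<ul class="unstyled">
<?php
    foreach ($ignores as $ignore) {
?>
<li class="row-fluid">
<?php
        echo HTML::avatar($ignore['avatar'], $ignore['username']);
?>
<?php
        echo HTML::user($ignore);
?>
<br />
<?php
        // NOTE(review): "Unignore" is a GET link carrying the CSRF token in its query string,
        // where it can be recorded in logs, history and Referer headers. Confirm the 'unignore'
        // action validates the token.
        echo HTML::anchor(URL::user($ignore, 'unignore') . '?token=' . Security::csrf(), '<i class="icon-ban-circle icon-white"></i> ' . __('Unignore'), array('class' => 'btn btn-inverse btn-small ignore-delete'));
?>
</li>
<?php
    }
?>
</ul>
<?php
    return ob_get_clean();
}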
示例6: _edit_track
/**
* Edit track.
*
* @param integer $track_id
*
* @throws Model_Exception
*/
protected function _edit_track($track_id = null)
{
    $this->history = false;

    // A falsy id means "create"; anything else edits the stored track with that id.
    $is_new = !$track_id;

    if ($is_new) {
        $track = new Model_Music_Track();
        Permission::required($track, Model_Music_Track::PERMISSION_CREATE);
        $cancel = Request::back(Route::url('charts'), true);

        // The "music" route parameter selects between a mixtape and a single track.
        $is_mixtape = $this->request->param('music') === 'mixtape';
        $this->view = new View_Page($is_mixtape ? __('New mixtape') : __('New track'));

        $track->author_id = Visitor::$user->id;
        $track->type      = $is_mixtape ? Model_Music_Track::TYPE_MIX : Model_Music_Track::TYPE_TRACK;
        $track->created   = time();
    } else {
        $track = new Model_Music_Track($track_id);
        if (!$track->loaded()) {
            throw new Model_Exception($track, $track_id);
        }
        Permission::required($track, Model_Music_Track::PERMISSION_UPDATE);
        $cancel = Route::model($track);

        // The stored name is escaped before it is used as the page title.
        $this->view = new View_Page(HTML::chars($track->name));

        // NOTE(review): deletion is a GET link with the CSRF token in the query string, where it
        // can be recorded in logs, history and Referer headers; confirm the delete action
        // validates the token.
        if (Permission::has($track, Model_Music_Track::PERMISSION_DELETE)) {
            $this->view->actions[] = array(
                'link'  => Route::model($track, 'delete') . '?token=' . Security::csrf(),
                'text'  => '<i class="fa fa-trash-o"></i> ' . __('Delete'),
                'class' => 'btn-danger music-delete',
            );
        }
    }

    // Only a POST that also passes the CSRF check is processed. A failed check is silent: the
    // form is simply rendered again with no error message.
    $errors    = array();
    $submitted = $_POST && Security::csrf_valid();
    if ($submitted) {
        try {
            // Arr::intersect() is given the model's $editable_fields list - presumably so that
            // only those keys of $_POST reach set_fields(); verify against Arr::intersect().
            $fields = Arr::intersect($_POST, Model_Music_Track::$editable_fields);
            $track->set_fields($fields);
            $track->save();

            $track->set_tags(Arr::get($_POST, 'tag'));

            // New tracks are announced in the newsfeed; a created forum topic also bumps the
            // author's post count.
            if ($is_new) {
                NewsfeedItem_Music::track(Visitor::$user, $track);
                if ($track->add_forum_topic()) {
                    Visitor::$user->post_count++;
                    Visitor::$user->save();
                }
            }

            $this->request->redirect(Route::model($track));
        } catch (Validation_Exception $invalid) {
            $errors = $invalid->array->errors('validation');
        }
    }

    // Build the edit form and place it at the top of the page.
    $form         = $this->section_track_edit($track);
    $form->cancel = $cancel;
    $form->errors = $errors;
    $this->view->add(View_Page::COLUMN_TOP, $form);
}
示例7: section_comments
/**
* Get comments section.
*
* @param Model_Blog_Entry $blog_entry
* @param string $route
* @return View_Generic_Comments
*/
public function section_comments(Model_Blog_Entry $blog_entry, $route = 'blog_comment')
{
    $comments = $blog_entry->comments(Visitor::$user);
    $section  = new View_Generic_Comments($comments);

    // Each comment action gets a URL template: '%d' stands in for the comment id and the CSRF
    // token is appended as a query parameter.
    // NOTE(review): these are GET URLs with the token in the query string, where it can be
    // recorded in logs, history and Referer headers; confirm the comment actions validate it.
    foreach (array('delete', 'private') as $comment_action) {
        $template = Route::url($route, array('id' => '%d', 'commentaction' => $comment_action));
        $section->{$comment_action} = $template . '?token=' . Security::csrf();
    }

    return $section;
}
示例8: content
/**
* Render view.
*
* @return string
*/
public function content()
{
// Buffer the inline template below so the markup is returned as a string.
ob_start();
// Load images
$images = $this->user->images();
// Legacy support
// No gallery images but a picture value is set: print that picture instead.
if (!count($images) && $this->user->picture) {
echo HTML::image($this->user->picture);
}
if (count($images)) {
// Check for actions
// $action_uri is only set when the viewer may update this user; isset($action_uri) further
// down decides whether the per-image buttons are rendered.
if (Permission::has($this->user, Model_User::PERMISSION_UPDATE, self::$_user)) {
$action_uri = URL::user($this->user, 'image');
}
// Check for missing default image
// Without a default image id the first image of the set becomes the active slide.
$active_id = $this->user->default_image_id;
if (!$active_id) {
$image = $images->current();
$active_id = $image->id;
}
?>
<div class="carousel-inner">
<?php
foreach ($images as $image) {
?>
<div class="item<?php
// Mark the active slide (loose comparison of the two ids).
echo $image->id == $active_id ? ' active' : '';
?>
">
<?php
echo HTML::image($image->get_url());
?>
<?php
if (isset($action_uri)) {
?>
<div class="btn-group">
<?php
// The current default image gets a disabled placeholder; any other image gets a link that
// makes it the default.
// NOTE(review): the default/delete links are GET requests with the CSRF token in the query
// string, where it can be recorded in logs, history and Referer headers; confirm the 'image'
// action validates the token before changing anything.
if ($image->id == $this->user->default_image_id) {
echo HTML::anchor('#', '<i class="icon-home"></i> ' . __('Set as default'), array('class' => 'btn btn-mini image-change disabled'));
} else {
echo HTML::anchor($action_uri . '?token=' . Security::csrf() . '&default=' . $image->id, '<i class="icon-home"></i> ' . __('Set as default'), array('class' => 'btn btn-mini image-change'));
}
?>
<?php
echo HTML::anchor($action_uri . '?token=' . Security::csrf() . '&delete=' . $image->id, '<i class="icon-trash"></i> ' . __('Delete'), array('class' => 'btn btn-mini image-delete'));
?>
</div>
<?php
}
?>
</div>
<?php
}
?>
</div>
<a class="carousel-control left" href="#<?php
// $this->id is printed as the fragment the carousel controls point at.
echo $this->id;
?>
" data-slide="prev">‹</a>
<a class="carousel-control right" href="#<?php
echo $this->id;
?>
" data-slide="next">›</a>
<?php
}
// Hand back the captured markup and discard the buffer.
return ob_get_clean();
}
示例9: content
/**
* Render view.
*
* @return string
*/
public function content()
{
// Buffer the inline template below so the markup can be returned as a string.
ob_start();
?>
<div class="pull-left">
<?php
// Registered author: avatar and post count. Otherwise a placeholder avatar.
if ($this->author) {
?>
<?php
echo HTML::avatar($this->author->avatar, $this->author->username);
?>
<p>
<small><?php
echo __('Posts: :posts', array(':posts' => '<var>' . Num::format($this->author->post_count, 0) . '</var>'));
?>
</small>
</p>
<?php
} else {
?>
<?php
echo HTML::avatar(false);
?>
<?php
}
?>
</div>
<div class="arrow"></div>
<div class="media-body">
<header<?php
// The topic's last post gets id="last" on its header.
echo $this->forum_post->id == $this->forum_topic->last_post_id ? ' id="last"' : '';
?>
>
<small class="ago">
<?php
// Permalink to this post; private topics use the 'forum_private_post' route.
echo HTML::anchor(Route::url($this->private ? 'forum_private_post' : 'forum_post', array('id' => Route::model_id($this->forum_post), 'topic_id' => Route::model_id($this->forum_topic))) . '#post-' . $this->forum_post->id, '#' . $this->nth, array('title' => __('Permalink')));
?>
•
<?php
// Edit link, shown only with update permission on the post.
if (Permission::has($this->forum_post, Model_Forum_Post::PERMISSION_UPDATE, self::$_user)) {
echo HTML::anchor(Route::url($this->private ? 'forum_private_post' : 'forum_post', array('id' => Route::model_id($this->forum_post), 'topic_id' => Route::model_id($this->forum_topic), 'action' => 'edit')), __('Edit'), array('class' => 'post-edit')) . ' • ';
}
?>
<?php
// Delete link, shown only with delete permission; it is the only link here that carries the
// CSRF token.
// NOTE(review): the token sits in the query string of a GET link, where it can be recorded in
// logs, history and Referer headers; confirm the delete action validates it.
if (Permission::has($this->forum_post, Model_Forum_Post::PERMISSION_DELETE, self::$_user)) {
echo HTML::anchor(Route::url($this->private ? 'forum_private_post' : 'forum_post', array('id' => Route::model_id($this->forum_post), 'topic_id' => Route::model_id($this->forum_topic), 'action' => 'delete')) . '?token=' . Security::csrf(), __('Delete'), array('class' => 'post-delete')) . ' • ';
}
?>
<?php
// Reply (quote) link, shown only with permission to post in the topic.
if (Permission::has($this->forum_topic, Model_Forum_Topic::PERMISSION_POST, self::$_user)) {
echo HTML::anchor(Route::url($this->private ? 'forum_private_post' : 'forum_post', array('id' => Route::model_id($this->forum_post), 'topic_id' => Route::model_id($this->forum_topic), 'action' => 'quote')), __('Reply'), array('class' => 'post-quote')) . ' • ';
}
?>
<?php
echo HTML::time(Date::short_span($this->forum_post->created, true, true), $this->forum_post->created);
?>
</small>
<?php
if ($this->author) {
echo HTML::user($this->author->light_array());
if ($this->author->title) {
echo ' <small>“' . HTML::chars($this->author->title) . '”</small>';
}
} else {
// NOTE(review): author_name is echoed as-is, while the author title above goes through
// HTML::chars(). If this name is supplied by the guest it needs the same escaping - confirm
// where it is sanitised.
echo $this->forum_post->author_name;
echo ' <small>“' . __('Guest') . '”</small>';
}
?>
</header>
<?php
// Link back to the parent post when this post is a reply; the parent topic name is escaped.
if ($this->forum_post->parent_id) {
echo __('Replying to :parent', array(':parent' => HTML::anchor(Route::url($this->private ? 'forum_private_post' : 'forum_post', array('topic_id' => Route::model_id($this->forum_topic), 'id' => $this->forum_post->parent_id)) . '#post-' . $this->forum_post->parent_id, HTML::chars($this->forum_post->parent()->topic()->name))));
}
?>
<?php
// Post body rendered through the BB class; presumably this is where user markup is
// converted and escaped - verify in BB::render().
echo BB::factory($this->forum_post->post)->render();
?>
<footer>
<?php
//.........part of the code is omitted here.........
示例10: csrf
/**
* Creates CSRF token input.
*
* @param string $id e.g. uid
* @param string $action optional action
* @return string
*/
public static function csrf($id = '', $action = '')
{
    // Ask the Security class for the token, then wrap it in a hidden form field named 'token'
    // so it is submitted in the request body together with the rest of the form.
    $token = Security::csrf($id, $action);

    return Form::hidden('token', $token);
}
示例11: section_event_image
/**
* Get side image.
*
* @param Model_Event $event
* @return View_Generic_SideImage
*/
protected function section_event_image(Model_Event $event)
{
    // Pick the image to show: front flyer first, then back flyer, then the first of the
    // event's flyers; with none of these both image and link stay null.
    if (($image = $event->flyer_front()) || ($image = $event->flyer_back())) {
        $flyer = Model_Flyer::factory()->find_by_image($image->id);
        $link  = Route::model($flyer);
    } elseif (count($flyers = $event->flyers())) {
        $flyer = $flyers[0];
        $image = $flyer->image();
        $link  = Route::model($flyer);
    } else {
        $image = null;
        $link  = null;
    }

    // Image actions are built only for users allowed to update.
    // NOTE(review): the check passes Model_User::PERMISSION_UPDATE for an event object; confirm
    // this is the intended constant.
    $actions = null;
    if (Permission::has($event, Model_User::PERMISSION_UPDATE, self::$user)) {
        $uri     = Route::model($event, 'image');
        $actions = array(
            HTML::anchor($uri, '<i class="icon-plus-sign icon-white"></i> ' . __('Add flyer'), array('class' => 'btn btn-small btn-primary image-add ajaxify')),
        );

        if ($image) {
            // NOTE(review): front/back/delete are GET links with the CSRF token in the query
            // string, where it can be recorded in logs, history and Referer headers; confirm
            // the 'image' action validates the token before changing anything.
            $front_class = 'btn btn-small btn-inverse image-change' . ($event->flyer_front_image_id == $image->id ? ' disabled' : '');
            $actions[]   = HTML::anchor($uri . '?token=' . Security::csrf() . '&front=' . $image->id, __('As front'), array('class' => $front_class, 'data-change' => 'front'));

            $back_class = 'btn btn-small btn-inverse image-change' . ($event->flyer_back_image_id == $image->id ? ' disabled' : '');
            $actions[]  = HTML::anchor($uri . '?token=' . Security::csrf() . '&back=' . $image->id, __('As back'), array('class' => $back_class, 'data-change' => 'back'));

            $actions[] = HTML::anchor($uri . '?token=' . Security::csrf() . '&delete=' . $image->id, '<i class="icon-trash"></i> ' . __('Delete'), array('class' => 'btn btn-small btn-inverse image-delete'));
        }
    }

    $section          = new View_Generic_SideImage($image, $link);
    $section->actions = $actions;

    return $section;
}
示例12: favorites
/**
* Render favorites.
*
* @return string
*/
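public function favorites()
{
    // Returns the favorite control as an HTML string, or '' when there is nothing to show.
    $heart_white = '<i class="icon-heart icon-white"></i>';

    // Users who may not favorite the event only get a disabled counter.
    if (!Permission::has($this->event, Model_Event::PERMISSION_FAVORITE, self::$_user)) {
        if (!$this->event->favorite_count) {
            return '';
        }

        // The element is opened as a <span>, so it is closed as one; closing it with an
        // anchor end tag produced unbalanced markup.
        return '<span class="btn btn-small btn-inverse disabled">' . $heart_white . ' ' . $this->event->favorite_count . '</span>';
    }

    // NOTE(review): both links below change state through a GET request and carry the CSRF
    // token in the query string, where it can be recorded in logs, history and Referer headers.
    // Confirm the favorite/unfavorite actions validate the token.

    // Favorite event, click to unfavorite.
    if ($this->event->is_favorite(self::$_user)) {
        return HTML::anchor(
            Route::model($this->event, 'unfavorite') . '?token=' . Security::csrf(),
            $heart_white . ' ' . $this->event->favorite_count,
            array('title' => __('Remove favorite'), 'class' => 'ajaxify btn btn-small btn-lovely active')
        );
    }

    // Non-favorite event, click to favorite; the counter is shown once there is at least one.
    $label = $this->event->favorite_count
        ? $heart_white . ' ' . $this->event->favorite_count
        : '<i class="icon-heart"></i>';

    return HTML::anchor(
        Route::model($this->event, 'favorite') . '?token=' . Security::csrf(),
        $label,
        array('title' => __('Add to favorites'), 'class' => 'ajaxify btn btn-small btn-inverse active')
    );
}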
示例13: section_image_comments
/**
* Get image comments section.
*
* @param Model_Image $image
* @param string $route
* @return View_Generic_Comments
*/
public function section_image_comments(Model_Image $image, $route = 'gallery_image_comment')
{
    $comments = $image->comments(self::$user);
    $section  = new View_Generic_Comments($comments);

    // URL template for deleting a comment: '%d' stands in for the comment id and the CSRF
    // token is appended as a query parameter.
    // NOTE(review): a token in a GET URL can be recorded in logs, history and Referer headers;
    // confirm the delete action validates it.
    $delete_template = Route::url($route, array('id' => '%d', 'commentaction' => 'delete'));
    $section->delete = $delete_template . '?token=' . Security::csrf();

    // No "private" action is set for image comments.
    $section->private = false;

    return $section;
}
示例14: csrf_query
/**
* Get CSRF token as a query string.
*
* @param string $id Custom token id, e.g. uid
* @param string $action Optional action
* @param integer $time Used only internally
* @return string
*/
public static function csrf_query($id = '', $action = '', $time = 0)
{
    // Produces "token=<value>" for appending to a URL. The value is concatenated as returned by
    // Security::csrf(), without URL-encoding.
    // NOTE(review): a token placed in a query string can be recorded in server logs, browser
    // history and Referer headers; prefer a hidden form field for state-changing requests.
    $token = Security::csrf($id, $action, $time);

    return 'token=' . $token;
}
示例15: _get_mod_image
/**
* Get image mod
*
* @param Model_User $user
* @return View_Module
*/
protected function _get_mod_image(Model_User $user)
{
    // Prefer the user's default image; otherwise use the picture value when it validates as a
    // URL; otherwise show no image.
    if ($user->default_image->id) {
        $image = $user->default_image;
    } elseif (Validate::url($user->picture)) {
        $image = $user->picture;
    } else {
        $image = null;
    }

    // Image actions are offered only to users allowed to update this user.
    // NOTE(review): delete/default are GET links with the CSRF token in the query string, where
    // it can be recorded in logs, history and Referer headers; confirm the 'image' action
    // validates the token before changing anything.
    $actions = null;
    if (Permission::has($user, Model_User::PERMISSION_UPDATE, self::$user)) {
        $actions = array(
            array(
                'link'  => URL::user($user, 'image') . '?token=' . Security::csrf() . '&delete',
                'text'  => __('Delete'),
                'class' => 'image-delete disabled',
            ),
            array(
                'link'  => URL::user($user, 'image') . '?token=' . Security::csrf() . '&default',
                'text'  => __('Set as default'),
                'class' => 'image-default disabled',
            ),
            array(
                'link'  => URL::user($user, 'image'),
                'text'  => __('Add image'),
                'class' => 'image-add ajaxify',
            ),
        );
    }

    return View_Module::factory('generic/side_image', array('mod_actions2' => $actions, 'image' => $image));
}