当前位置: 首页>>代码示例>>PHP>>正文


PHP SecurityUtil::confirmAuthKey方法代码示例

本文整理汇总了PHP中SecurityUtil::confirmAuthKey方法的典型用法代码示例。如果您正苦于以下问题:PHP SecurityUtil::confirmAuthKey方法的具体用法?PHP SecurityUtil::confirmAuthKey怎么用?PHP SecurityUtil::confirmAuthKey使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在SecurityUtil的用法示例。


在下文中一共展示了SecurityUtil::confirmAuthKey方法的7个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: updateconfig

 /**
  * Update the module configuration
  * @author:     Albert Pérez Monfort (aperezm@xtec.cat)
  * @return:	True if success or false in other case
  */
 public function updateconfig($args)
 {
     // Get parameters from whatever input we need.
     $showHideFiles = FormUtil::getPassedValue('showHideFiles', isset($args['showHideFiles']) ? $args['showHideFiles'] : 0, 'POST');
     $folderPath = FormUtil::getPassedValue('folderPath', isset($args['folderPath']) ? $args['folderPath'] : null, 'POST');
     $usersFolder = FormUtil::getPassedValue('usersFolder', isset($args['usersFolder']) ? $args['usersFolder'] : null, 'POST');
     $allowedExtensions = FormUtil::getPassedValue('allowedExtensions', isset($args['allowedExtensions']) ? $args['allowedExtensions'] : null, 'POST');
     $defaultQuota = FormUtil::getPassedValue('defaultQuota', isset($args['defaultQuota']) ? $args['defaultQuota'] : null, 'POST');
     $filesMaxSize = FormUtil::getPassedValue('filesMaxSize', isset($args['filesMaxSize']) ? $args['filesMaxSize'] : null, 'POST');
     $maxWidth = FormUtil::getPassedValue('maxWidth', isset($args['maxWidth']) ? $args['maxWidth'] : null, 'POST');
     $maxHeight = FormUtil::getPassedValue('maxHeight', isset($args['maxHeight']) ? $args['maxHeight'] : null, 'POST');
     $editableExtensions = FormUtil::getPassedValue('editableExtensions', isset($args['editableExtensions']) ? $args['editableExtensions'] : null, 'POST');
     // Security check
     if (!SecurityUtil::checkPermission('Files::', '::', ACCESS_ADMIN)) {
         return LogUtil::registerPermissionError();
     }
     // Confirm authorisation code
     if (!SecurityUtil::confirmAuthKey()) {
         return LogUtil::registerAuthidError(ModUtil::url('Files', 'admin', 'main'));
     }
     $moduleVars = array('showHideFiles' => $showHideFiles, 'allowedExtensions' => $allowedExtensions, 'defaultQuota' => $defaultQuota, 'filesMaxSize' => $filesMaxSize, 'maxWidth' => $maxWidth, 'maxHeight' => $maxHeight, 'editableExtensions' => $editableExtensions);
     if ($GLOBALS['PNConfig']['Multisites']['multi'] != 1) {
         if (!file_exists($folderPath)) {
             ModUtil::setVars('Files', $moduleVars);
             LogUtil::registerError($this->__f('The directory <strong>%s</strong> does not exist', $folderPath));
             return System::redirect(ModUtil::url('Files', 'admin', 'main'));
         }
         $folderPath = substr($folderPath, -1) == '/' ? substr($folderPath, 0, strlen($folderPath) - 1) : $folderPath;
         $moduleVars['folderPath'] = $folderPath;
     }
     if (!file_exists($folderPath . '/' . $usersFolder) || $usersFolder == '' || $usersFolder == null) {
         ModUtil::setVars('Files', $moduleVars);
         LogUtil::registerError($this->__f('The directory <strong>%s</strong> for users does not exist', $usersFolder));
         return System::redirect(ModUtil::url('Files', 'admin', 'main'));
     }
     $usersFolder = substr($usersFolder, -1) == '/' ? substr($usersFolder, 0, strlen($usersFolder) - 1) : $usersFolder;
     $usersFolder = substr($usersFolder, 0, 1) == '/' ? substr($usersFolder, 1, strlen($usersFolder)) : $usersFolder;
     $moduleVars['usersFolder'] = $usersFolder;
     ModUtil::setVars('Files', $moduleVars);
     LogUtil::registerStatus($this->__('The configuration has been updated'));
     // This function generated no output, and so now it is complete we redirect
     // the user to an appropriate page for them to carry on their work
     return System::redirect(ModUtil::url('Files', 'admin', 'main'));
 }
开发者ID:hardtoneselector,项目名称:Files,代码行数:49,代码来源:Admin.php

示例2: mediashareSourceZipUpdate

function mediashareSourceZipUpdate()
{
    if (!SecurityUtil::confirmAuthKey()) {
        return LogUtil::registerAuthidError();
    }
    $mediaIds = FormUtil::getPassedValue('mediaId');
    foreach ($mediaIds as $mediaId) {
        $mediaId = (int) $mediaId;
        $title = FormUtil::getPassedValue("title-{$mediaId}");
        $keywords = FormUtil::getPassedValue("keywords-{$mediaId}");
        $description = FormUtil::getPassedValue("description-{$mediaId}");
        // Check access
        if (!mediashareAccessItem($mediaId, mediashareAccessRequirementEditMedia, '')) {
            return LogUtil::registerPermissionError();
        }
        $args = array('mediaId' => $mediaId, 'title' => $title, 'keywords' => $keywords, 'description' => $description);
        if (!pnModAPIFunc('mediashare', 'edit', 'updateItem', $args)) {
            return false;
        }
    }
    return true;
}
开发者ID:ro0f,项目名称:Mediashare,代码行数:22,代码来源:pnsource_zip.php

示例3: mediashareUpdateAccess

function mediashareUpdateAccess($args)
{
    if (!SecurityUtil::confirmAuthKey()) {
        return LogUtil::registerAuthidError();
    }
    $albumId = mediashareGetIntUrl('aid', $args, 1);
    if (!($groups = pnModAPIFunc('mediashare', 'edit', 'getAccessGroups'))) {
        return false;
    }
    $access = array();
    foreach ($groups as $group) {
        $accessView = FormUtil::getPassedValue('accessView' . $group['groupId']) != null;
        $accessEditAlbum = FormUtil::getPassedValue('accessEditAlbum' . $group['groupId']) != null;
        $accessEditMedia = FormUtil::getPassedValue('accessEditMedia' . $group['groupId']) != null;
        $accessAddAlbum = FormUtil::getPassedValue('accessAddAlbum' . $group['groupId']) != null;
        $accessAddMedia = FormUtil::getPassedValue('accessAddMedia' . $group['groupId']) != null;
        $access[] = array('groupId' => $group['groupId'], 'accessView' => $accessView, 'accessEditAlbum' => $accessEditAlbum, 'accessEditMedia' => $accessEditMedia, 'accessAddAlbum' => $accessAddAlbum, 'accessAddMedia' => $accessAddMedia);
    }
    if (!pnModAPIFunc('mediashare', 'edit', 'updateAccessSettings', array('albumId' => $albumId, 'access' => $access))) {
        return false;
    }
    return pnRedirect(pnModURL('mediashare', 'edit', 'view', array('aid' => $albumId)));
}
开发者ID:ro0f,项目名称:Mediashare,代码行数:23,代码来源:pnedit.php

示例4: pnSecConfirmAuthKey

/**
 * confirm an authorisation key is valid
 *
 * See description of <code>pnSecGenAuthKey</code> for information on
 * this function
 *
 * @deprecated
 * @see SecurityUtil::confirmAuthKey()
 * @return bool true if the key is valid, false if it is not
 */
function pnSecConfirmAuthKey()
{
    LogUtil::log(__f('Warning! Function %1$s is deprecated. Please use %2$s instead.', array(__FUNCTION__, 'SecurityUtil::confirmAuthKey()')), E_USER_DEPRECATED);

    return SecurityUtil::confirmAuthKey();
}
开发者ID:,项目名称:,代码行数:16,代码来源:

示例5: Admin_Messages_admin_updateconfig

/**
 * This is a standard function to update the configuration parameters of the
 * module given the information passed back by the modification form
 * @author Mark West
 * @see Admin_Messages_admin_modifyconfig()
 * @param int $itemsperpage the number messages per page in the admin panel
 * @return bool true if successful, false otherwise
 */
function Admin_Messages_admin_updateconfig()
{
    // Security check
    if (!SecurityUtil::checkPermission('Admin_Messages::', '::', ACCESS_ADMIN)) {
        return LogUtil::registerPermissionError();
    }
    // Confirm authorisation code.
    if (!SecurityUtil::confirmAuthKey()) {
        return LogUtil::registerAuthidError(ModUtil::url('Admin_Messages', 'admin', 'view'));
    }
    // Update module variables.
    $itemsperpage = (int) FormUtil::getPassedValue('itemsperpage', 25, 'POST');
    if ($itemsperpage < 1) {
        $itemsperpage = 25;
    }
    ModUtil::setVar('Admin_Messages', 'itemsperpage', $itemsperpage);
    $allowsearchinactive = (bool) FormUtil::getPassedValue('allowsearchinactive', false, 'POST');
    ModUtil::setVar('Admin_Messages', 'allowsearchinactive', $allowsearchinactive);
    // Let any other modules know that the modules configuration has been updated
    ModUtil::callHooks('module', 'updateconfig', 'Admin_Messages', array('module' => 'Admin_Messages'));
    // the module configuration has been updated successfuly
    LogUtil::registerStatus(__('Done! Saved module configuration.'));
    // This function generated no output, and so now it is complete we redirect
    // the user to an appropriate page for them to carry on their work
    return System::redirect(ModUtil::url('Admin_Messages', 'admin', 'view'));
}
开发者ID:robbrandt,项目名称:AdminMessages,代码行数:34,代码来源:pnadmin.php

示例6: upload

 /**
  * Avatar_user_upload()
  *
  * This is the upload function.
  * It takes the uploaded file, performs the relevant checks to see if
  * the file meets the upload policy, and sets the uploaded file as the
  * new avatar of the user.
  */
 public function upload($args)
 {
     // permission check
     if (!SecurityUtil::checkPermission('Avatar::', '::', ACCESS_COMMENT)) {
         return LogUtil::registerPermissionError();
     }
     if (!SecurityUtil::confirmAuthKey()) {
         return LogUtil::registerAuthidError();
     }
     // get the file
     $uploadfile = $_FILES['filelocale'];
     if (!is_uploaded_file($_FILES['filelocale']['tmp_name'])) {
         return LogUtil::registerError($this->__('Error! No file selected.'));
     }
     $tmp_file = tempnam(System::getVar('temp'), 'Avatar');
     move_uploaded_file($_FILES['filelocale']['tmp_name'], $tmp_file);
     $modvars = ModUtil::getVar('Avatar');
     $avatarpath = ModUtil::getVar('Users', 'avatarpath');
     // check for file size limit
     if (!$modvars['allow_resize'] && filesize($tmp_file) > $modvars['maxsize']) {
         unlink($tmp_file);
         return LogUtil::registerError($this->__f('Error! Filesize error, max %s bytes are allowed.', $modvars['maxsize']));
     }
     // Get image information
     $imageinfo = getimagesize($tmp_file);
     // file is not an image
     if (!$imageinfo) {
         unlink($tmp_file);
         return LogUtil::registerError($this->__('Error! The file is not an image.'));
     }
     $extension = image_type_to_extension($imageinfo[2], false);
     // check for image type
     if (!in_array($extension, explode(';', $modvars['allowed_extensions']))) {
         unlink($tmp_file);
         return LogUtil::registerError($this->__f('Error! UnSecurityUtil::checkPermission* file extension. Allowed extensions: %s.', $modvars['allowed_extensions']));
     }
     // check for image dimensions limit
     if ($imageinfo[0] > $modvars['maxwidth'] || $imageinfo[1] > $modvars['maxheight']) {
         if (!$modvars['allow_resize']) {
             unlink($tmp_file);
             return LogUtil::registerError($this->__f('Error! Image height (max. %1$s px) or width (max. %2$s px) error.', array($modvars['maxheight'], $modvars['maxwidth'])));
         } else {
             // resize the image
             // get the new dimensions
             $width = $imageinfo[0];
             $height = $imageinfo[1];
             if ($width > $modvars['maxwidth']) {
                 $height = $modvars['maxwidth'] / $width * $height;
                 $width = $modvars['maxwidth'];
             }
             if ($height > $modvars['maxheight']) {
                 $width = $modvars['maxheight'] / $height * $width;
                 $height = $modvars['maxheight'];
             }
             // get the correct functions based on the image type
             switch ($imageinfo[2]) {
                 case 1:
                     $createfunc = 'imagecreatefromgif';
                     $savefunc = 'imagegif';
                     break;
                 case 2:
                     $createfunc = 'ImageCreateFromJpeg';
                     $savefunc = 'imagejpeg';
                     break;
                 case 3:
                     $createfunc = 'imagecreatefrompng';
                     $savefunc = 'imagepng';
                     break;
                 case 4:
                     $createfunc = 'imagecreatefromwbmp';
                     $savefunc = 'imagewbmp';
                     break;
             }
             $srcImage = $createfunc($tmp_file);
             $destImage = imagecreatetruecolor($width, $height);
             imagecopyresampled($destImage, $srcImage, 0, 0, 0, 0, $width, $height, $imageinfo[0], $imageinfo[1]);
             $savefunc($destImage, $tmp_file);
             // free the memory
             imagedestroy($srcImage);
             imagedestroy($destImage);
         }
     }
     // everything's OK, so move'em
     $uid = UserUtil::getVar('uid');
     $avatarfilenamewithoutextension = 'pers_' . $uid;
     $avatarfilename = $avatarfilenamewithoutextension . '.' . $extension;
     $user_avatar = DataUtil::formatForOS($avatarpath . '/' . $avatarfilename);
     $pnphpbb_avatar = DataUtil::formatForOS($modvars['forumdir'] . '/' . $avatarfilename);
     // delete old user avatar with this extension
     // this allows the users to have a avatar available for each extension that is allowed
     if ($modvars['allow_multiple'] == false) {
         // users are not allowed to store more than one avatar
//.........这里部分代码省略.........
开发者ID:robbrandt,项目名称:Avatar,代码行数:101,代码来源:User.php

示例7: moveListFile

 /**
  * Move a list file
  * @author:	Albert Pérez Monfort & Robert Barrera
  * @param:	args 	Array with the list of files and the folder where it generates
  * @return:	True if success and false if not
  */
 public function moveListFile($args)
 {
     $listFileName = FormUtil::getPassedValue('listFileName', isset($args['listFileName']) ? $args['listFileName'] : null, 'REQUEST');
     $folder = FormUtil::getPassedValue('folder', isset($args['folder']) ? $args['folder'] : null, 'REQUEST');
     $folder = str_replace("|", "/", $folder);
     $confirm = FormUtil::getPassedValue('confirm', isset($args['confirm']) ? $args['confirm'] : null, 'POST');
     $external = FormUtil::getPassedValue('external', isset($args['external']) ? $args['external'] : null, 'POST');
     $hook = FormUtil::getPassedValue('hook', isset($args['hook']) ? $args['hook'] : null, 'POST');
     // security check
     if (!SecurityUtil::checkPermission('Files::', "::", ACCESS_ADD)) {
         return LogUtil::registerError($this->__('Error! You are not authorized to access this module.'), 403);
     }
     $initFolderPath = ModUtil::func('Files', 'user', 'getInitFolderPath');
     // protection. User can not navigate out their root folder
     if ($folder == ".." || $folder == "." || strpos($folder, "..") !== false) {
         $errorMsg = $this->__('Invalid folder') . ': ' . $folder;
         $this->view->assign('errorMsg', $errorMsg);
         return $this->view->fetch('Files_user_errorMsg.tpl');
     }
     if (!$confirm) {
         $url = $initFolderPath;
         $directoris = ModUtil::func('Files', 'user', 'getListDirRecursive', array('dir' => $url));
         foreach ($directoris as $dir) {
             foreach ($listFileName as $file) {
                 $file = $folder != "" ? $folder . "/" . $file : $file;
                 if (is_dir($url . "/" . $file) && strpos($dir, $file) === 0) {
                     $array_dir[] = $dir;
                     $directoris = array_diff($directoris, $array_dir);
                 }
             }
         }
         // create output object
         $this->view->assign('listFileName', DataUtil::formatForDisplay($listFileName));
         $this->view->assign('directoris', DataUtil::formatForDisplay($directoris));
         $this->view->assign('folder', DataUtil::formatForDisplay($folder));
         $this->view->assign('hook', $hook);
         if ($external == 1) {
             $this->view->assign('external', 1);
             $content = $this->view->fetch('Files_user_moveListFile.tpl');
             echo $content;
             exit;
         } else {
             $this->view->assign('external', 0);
             return $this->view->fetch('Files_user_moveListFile.tpl');
         }
     }
     $returnType = $external == 1 ? 'external' : 'user';
     $returnFunc = $external == 1 ? 'getFiles' : 'main';
     // confirm authorisation code
     if (!SecurityUtil::confirmAuthKey()) {
         return LogUtil::registerAuthidError(ModUtil::url('Files', $returnType, $returnFunc, array('folder' => $folder, 'hook' => $hook)));
     }
     $url_old = $folder != "" ? $initFolderPath . "/" . $folder . "/" : $initFolderPath . "/";
     $url_new = $confirm != "root_inital_value" ? $initFolderPath . '/' . $confirm . '/' : $initFolderPath . '/';
     // move action
     foreach ($listFileName as $file) {
         if (!rename($url_old . $file, $url_new . $file)) {
             LogUtil::registerError($this->__('Error moving') . ': ' . $file);
             $folder = str_replace("/", "|", $folder);
             return System::redirect(ModUtil::url('Files', $returnType, $returnFunc, array('folder' => $folder, 'hook' => $hook)));
         }
         //check if the file is an image and move its thumbnail
         if (FileUtil::getExtension($file) == ('jpg' || 'gif' || 'png') && file_exists($url_old . '.tbn/' . $file)) {
             if (!file_exists($url_new . '.tbn')) {
                 mkdir($url_new . '.tbn');
             }
             if (!rename($url_old . '.tbn/' . $file, $url_new . '.tbn/' . $file)) {
                 LogUtil::registerError($this->__('Error moving') . ': ' . $file);
                 $folder = str_replace("/", "|", $folder);
                 return System::redirect(ModUtil::url('Files', $returnType, $returnFunc, array('folder' => $folder, 'hook' => $hook)));
             }
         }
     }
     // protect the folders with the .htaccess and .locked files
     ModUtil::func('Files', 'user', 'createProtectFiles', array('folder' => str_replace($initFolderPath . '/', '', $url_new)));
     LogUtil::registerStatus($this->__('Successfully moved'));
     $folder = str_replace("/", "|", $folder);
     return System::redirect(ModUtil::url('Files', $returnType, $returnFunc, array('folder' => $folder, 'hook' => $hook)));
 }
开发者ID:hardtoneselector,项目名称:Files,代码行数:85,代码来源:User.php


注:本文中的SecurityUtil::confirmAuthKey方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。