本文整理汇总了 PHP 中 SecurityUtil::validateCsrfToken 方法的典型用法代码示例。如果您正苦于以下问题:PHP SecurityUtil::validateCsrfToken 方法的具体用法?PHP SecurityUtil::validateCsrfToken 怎么用?PHP SecurityUtil::validateCsrfToken 使用的例子?那么恭喜您,这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类 SecurityUtil 的用法示例。
在下文中一共展示了SecurityUtil::validateCsrfToken方法的2个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: execute
/**
 * Main event loop handler.
 *
 * This is the function to call instead of the normal $view->fetch(...).
 *
 * On a postback the CSRF token from the request body is validated first;
 * posted form state is only decoded after that check has passed.
 *
 * @param string                      $template     Name of template file (handed to fetch()).
 * @param Zikula_Form_AbstractHandler $eventHandler Instance of object that inherits from Zikula_Form_AbstractHandler.
 *
 * @return mixed The result of LogUtil::registerAuthidError() when the CSRF token is rejected,
 *               the result of getErrorMsg() when the handler or rendering reports an error,
 *               a RedirectResponse when a redirect was requested, and otherwise the output of fetch().
 *
 * @throws Zikula_Exception_Fatal If $eventHandler is not a Zikula_Form_AbstractHandler
 *                                (the parameter type declaration already enforces this).
 */
public function execute($template, Zikula_Form_AbstractHandler $eventHandler)
{
    // Defensive re-check of the handler type; the type declaration on the parameter covers the same condition.
    if (!$eventHandler instanceof Zikula_Form_AbstractHandler) {
        throw new Zikula_Exception_Fatal('Form handlers must inherit from Zikula_Form_AbstractHandler.');
    }
    // Save handler for later use
    $this->eventHandler = $eventHandler;
    // Hand the handler its collaborators before any of its lifecycle hooks run.
    $this->eventHandler->setView($this);
    $this->eventHandler->setEntityManager($this->entityManager);
    $this->eventHandler->setRequest($this->request);
    $this->eventHandler->setDomain($this->domain);
    $this->eventHandler->setName($this->getModuleName());
    $this->eventHandler->setup();
    $this->eventHandler->preInitialize();
    if ($this->isPostBack()) {
        // CSRF gate: the token is read from the request body and validated before any posted
        // form state is decoded. Keep this ordering; the decode*() calls below operate on
        // request data and must not run for a request that failed this check.
        // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1, and sanitizing is not
        // validation; whether the token is accepted is decided solely by validateCsrfToken().
        // NOTE(review): this gate only applies when isPostBack() is true; how a postback is
        // detected is not visible here, so confirm no state-changing path reaches the else branch.
        if (!SecurityUtil::validateCsrfToken($this->request->request->filter('csrftoken', '', FILTER_SANITIZE_STRING), $this->serviceManager)) {
            // Reject the postback; nothing from the request has been decoded at this point.
            return LogUtil::registerAuthidError();
        }
        // retrieve form id
        // The form id is client-supplied. It is used further down as a key into
        // $_SESSION['__formid'] (presumably via $this->formId set by setFormId(); verify).
        // NOTE(review): confirm the decode*() methods cope with an id that has no session entry.
        $formId = $this->request->request->filter("__formid", '', FILTER_SANITIZE_STRING);
        $this->setFormId($formId);
        $this->decodeIncludes();
        $this->decodeStateData();
        $this->decodeState();
        if ($this->eventHandler->initialize($this) === false) {
            return $this->getErrorMsg();
        }
        // if we get this far, the form processed correctly and we can GC the session
        unset($_SESSION['__formid'][$this->formId]);
        $this->eventHandler->postInitialize();
        // (no create event)
        // initialize event
        $this->initializePlugins();
        // decode event
        $this->decodePlugins();
        // Execute optional postback after plugins have read their values
        $this->decodePostBackEvent();
    } else {
        // First display of the form: generate a fresh form id.
        // uniqid() is derived from the current time and is not unpredictable, so the form id
        // is an identifier only, not a secret; request authenticity rests on the CSRF token
        // checked in the postback branch.
        $this->setFormId(uniqid('f'));
        if ($this->eventHandler->initialize($this) === false) {
            return $this->getErrorMsg();
        }
        $this->eventHandler->postInitialize();
    }
    // render event (calls registerPlugin)
    $this->assign('__formid', $this->formId);
    $output = $this->fetch($template);
    if ($this->hasError()) {
        return $this->getErrorMsg();
    }
    // Check redirection at this point, ignore any generated HTML if redirected is required.
    // We cannot skip HTML generation entirely in case of System::redirect since there might be
    // some relevant code to execute in the plugins.
    if ($this->redirected) {
        // only reach this point if redirectTarget is a Zikula\Core\ModUrl
        // NOTE(review): where redirectTarget is assigned is not visible here; confirm its URL
        // cannot be set from request data without validation (open-redirect risk).
        return new RedirectResponse(System::normalizeUrl($this->redirectTarget->getUrl()));
    }
    return $output;
}
示例2: isCsrfTokenValid
/**
 * {@inheritdoc}
 *
 * Hands the submitted token to SecurityUtil::validateCsrfToken() and returns its verdict.
 * Only $token is forwarded: $intention is accepted but not used by this implementation.
 * NOTE(review): whether tokens are scoped to an intention elsewhere is not visible here;
 * confirm callers do not rely on per-intention separation.
 */
public function isCsrfTokenValid($intention, $token)
{
    // Single-argument call: no service manager is passed to the validator here.
    $tokenAccepted = \SecurityUtil::validateCsrfToken($token);

    return $tokenAccepted;
}