本文整理汇总了PHP中rcube_utils::request_header方法的典型用法代码示例。如果您正苦于以下问题:PHP rcube_utils::request_header方法的具体用法?PHP rcube_utils::request_header怎么用?PHP rcube_utils::request_header使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类rcube_utils的用法示例。
在下文中一共展示了rcube_utils::request_header方法的5个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: array
$OUTPUT->send('iframe');
}
// check if installer is still active
if ($RCMAIL->config->get('enable_installer') && is_readable('./installer/index.php')) {
$OUTPUT->add_footer(html::div(array('style' => "background:#ef9398; border:2px solid #dc5757; padding:0.5em; margin:2em auto; width:50em"), html::tag('h2', array('style' => "margin-top:0.2em"), "Installer script is still accessible") . html::p(null, "The install script of your Roundcube installation is still stored in its default location!") . html::p(null, "Please <b>remove</b> the whole <tt>installer</tt> folder from the Roundcube directory because .\r\n these files may expose sensitive configuration data like server passwords and encryption keys\r\n to the public. Make sure you cannot access the <a href=\"./installer/\">installer script</a> from your browser.")));
}
$plugin = $RCMAIL->plugins->exec_hook('unauthenticated', array('task' => 'login', 'error' => $session_error));
$RCMAIL->set_task($plugin['task']);
$OUTPUT->send($plugin['task']);
} else {
// don't check for valid request tokens in these actions
$request_check_whitelist = array('login' => 1, 'spell' => 1, 'spell_html' => 1);
if (!$request_check_whitelist[$RCMAIL->action]) {
// check client X-header to verify request origin
if ($OUTPUT->ajax_call) {
if (rcube_utils::request_header('X-Roundcube-Request') != $RCMAIL->get_request_token()) {
header('HTTP/1.1 403 Forbidden');
die("Invalid Request");
}
} else {
if (!empty($_POST) && !$RCMAIL->check_request()) {
$OUTPUT->show_message('invalidrequest', 'error');
$OUTPUT->send($RCMAIL->task);
}
}
// check referer if configured
if ($RCMAIL->config->get('referer_check') && !rcube_utils::check_referer()) {
raise_error(array('code' => 403, 'type' => 'php', 'message' => "Referer check failed"), true, true);
}
}
}示例2: check_request
/**
* Check if the current request contains a valid token.
* Empty requests aren't checked until use_secure_urls is set.
*
* @param int Request method
*
* @return boolean True if request token is valid false if not
*/
public function check_request($mode = rcube_utils::INPUT_POST)
{
// check secure token in URL if enabled
if ($token = $this->get_secure_url_token()) {
foreach (explode('/', preg_replace('/[?#&].*$/', '', $_SERVER['REQUEST_URI'])) as $tok) {
if ($tok == $token) {
return true;
}
}
$this->request_status = self::REQUEST_ERROR_URL;
return false;
}
$sess_tok = $this->get_request_token();
// ajax requests
if (rcube_utils::request_header('X-Roundcube-Request') == $sess_tok) {
return true;
}
// skip empty requests
if ($mode == rcube_utils::INPUT_POST && empty($_POST) || $mode == rcube_utils::INPUT_GET && empty($_GET)) {
return true;
}
// default method of securing requests
$token = rcube_utils::get_input_value('_token', $mode);
$sess_id = $_COOKIE[ini_get('session.name')];
if (empty($sess_id) || $token != $sess_tok) {
$this->request_status = self::REQUEST_ERROR_TOKEN;
return false;
}
return true;
}示例3: array
}
// check if installer is still active
if ($RCMAIL->config->get('enable_installer') && is_readable('./installer/index.php')) {
$OUTPUT->add_footer(html::div(array('style' => "background:#ef9398; border:2px solid #dc5757; padding:0.5em; margin:2em auto; width:50em"), html::tag('h2', array('style' => "margin-top:0.2em"), "Installer script is still accessible") . html::p(null, "The install script of your Roundcube installation is still stored in its default location!") . html::p(null, "Please <b>remove</b> the whole <tt>installer</tt> folder from the Roundcube directory because .\n these files may expose sensitive configuration data like server passwords and encryption keys\n to the public. Make sure you cannot access the <a href=\"./installer/\">installer script</a> from your browser.")));
}
if ($session_error || $_REQUEST['_err'] == 'session') {
$OUTPUT->show_message('sessionerror', 'error', null, true, -1);
}
$RCMAIL->set_task('login');
$OUTPUT->send('login');
} else {
// don't check for valid request tokens in these actions
$request_check_whitelist = array('login' => 1, 'spell' => 1);
// check client X-header to verify request origin
if ($OUTPUT->ajax_call) {
if (rcube_utils::request_header('X-Roundcube-Request') != $RCMAIL->get_request_token() && !$RCMAIL->config->get('devel_mode')) {
header('HTTP/1.1 403 Forbidden');
die("Invalid Request");
}
} else {
if (!empty($_POST) && !$request_check_whitelist[$RCMAIL->action] && !$RCMAIL->check_request()) {
$OUTPUT->show_message('invalidrequest', 'error');
$OUTPUT->send($RCMAIL->task);
}
}
// check referer if configured
if (!$request_check_whitelist[$RCMAIL->action] && $RCMAIL->config->get('referer_check') && !rcmail::check_referer()) {
raise_error(array('code' => 403, 'type' => 'php', 'message' => "Referer check failed"), true, true);
}
}
// we're ready, user is authenticated and the request is safe示例4: rc_request_header
function rc_request_header($name)
{
return rcube_utils::request_header($name);
}示例5: rc_request_header
function rc_request_header($name)
{
_deprecation_warning(__FUNCTION__);
return rcube_utils::request_header($name);
}