

PHP t3lib_div::hmac方法代码示例

本文整理汇总了PHP中t3lib_div::hmac方法的典型用法代码示例。如果您正苦于以下问题:PHP t3lib_div::hmac方法的具体用法?PHP t3lib_div::hmac怎么用?PHP t3lib_div::hmac使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在t3lib_div的用法示例。


在下文中一共展示了t3lib_div::hmac方法的14个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: init

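 /**
  * Validates a secure-download request before anything else is done with it.
  *
  * Reads the request parameters "u" (frontend user uid), "file", "t" (expiry
  * timestamp) and "hash", recomputes the HMAC over u . file . t and ends the
  * request with "403 Forbidden" when the HMAC does not match, when the
  * timestamp lies in the past, or when the link is bound to a user uid other
  * than the one of the current frontend user.
  *
  * @return void
  */
 function init()
 {
     $this->arrExtConf = $this->GetExtConf();
     // intval() already yields 0 for a missing or non-numeric "u"; 0 means "not bound to a user".
     $this->u = intval(t3lib_div::_GP('u'));
     $this->hash = t3lib_div::_GP('hash');
     $this->t = t3lib_div::_GP('t');
     $this->file = t3lib_div::_GP('file');
     // NOTE(review): the three fields are joined without a separator, so the MAC input does not
     // encode where one field ends and the next begins. Adding a separator has to be done
     // together with the code that generates the link, otherwise existing links stop verifying.
     $this->data = $this->u . $this->file . $this->t;
     $this->checkhash = t3lib_div::hmac($this->data);
     // Hook for init. The hooks run before the HMAC has been verified, so every request value
     // they see is still unauthenticated.
     if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/naw_securedl/class.tx_nawsecuredl_output.php']['init'])) {
         $_params = array('pObj' => &$this);
         foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/naw_securedl/class.tx_nawsecuredl_output.php']['init'] as $_funcRef) {
             t3lib_div::callUserFunction($_funcRef, $_params, $this);
         }
     }
     // Compare as strings and, where available, in constant time. A loose "!=" lets PHP compare
     // two numeric-looking strings as numbers, and a non-string request value must never match.
     $hashIsValid = FALSE;
     if (is_string($this->hash) && is_string($this->checkhash)) {
         $hashIsValid = function_exists('hash_equals')
             ? hash_equals($this->checkhash, $this->hash)
             : $this->checkhash === $this->hash;
     }
     if (!$hashIsValid) {
         header('HTTP/1.1 403 Forbidden');
         exit('Access denied!');
     }
     // The expiry timestamp is part of the MAC input, so it is only trusted after the check above.
     if (intval($this->t) < time()) {
         header('HTTP/1.1 403 Forbidden');
         exit('Access denied!');
     }
     $this->feUserObj = tslib_eidtools::initFeUser();
     tslib_eidtools::connectDB();
     if ($this->u !== 0) {
         // A link bound to a user is only valid for that user; no logged-in user gives uid 0 here.
         $feuser = intval($this->feUserObj->user['uid']);
         if ($this->u !== $feuser) {
             header('HTTP/1.1 403 Forbidden');
             exit('Access denied!');
         }
     }
 }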
开发者ID:NaveedWebdeveloper,项目名称:Test,代码行数:42,代码来源:class.tx_nawsecuredl_output.php

示例2: locDataJU

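 /**
  * Returns a URL parameter string setting parameters for secure downloads by "jumpurl".
  * Helper function for filelink()
  *
  * The returned "juHash" is an HMAC over the serialized array
  * (jump URL, location data, MIME type value), so a receiver that rebuilds the
  * same array can detect a change to any of the three values. The parameters
  * themselves stay readable in the URL.
  *
  * @param	string		$jumpUrl: The URL to jump to, basically the filepath
  * @param	array		$conf: TypoScript properties for the "jumpurl.secure" property of "filelink"
  * @return	string		URL parameters like "&juSecure=1....."
  * @access private
  * @see filelink()
  */
 function locDataJU($jumpUrl, $conf)
 {
     $fI = pathinfo($jumpUrl);
     $mimetype = '';
     $mimetypeValue = '';
     // pathinfo() omits the "extension" key for paths without one.
     if (!empty($fI['extension'])) {
         $fileExtension = strtolower($fI['extension']);
         $mimeTypes = t3lib_div::trimExplode(',', isset($conf['mimeTypes']) ? $conf['mimeTypes'] : '', 1);
         foreach ($mimeTypes as $v) {
             $parts = explode('=', $v, 2);
             // Strict comparison: two different numeric-looking extensions must not match each other.
             if ($fileExtension === strtolower(trim($parts[0]))) {
                 // An entry without "=" has no value part; treat it as an empty MIME type.
                 $mimetypeValue = isset($parts[1]) ? trim($parts[1]) : '';
                 $mimetype = '&mimeType=' . rawurlencode($mimetypeValue);
                 break;
             }
         }
     }
     $locationData = $GLOBALS['TSFE']->id . ':' . $this->currentRecord;
     $rec = '&locationData=' . rawurlencode($locationData);
     // serialize() is used here only to give the three values an unambiguous encoding for the MAC.
     $hArr = array($jumpUrl, $locationData, $mimetypeValue);
     $juHash = '&juHash=' . t3lib_div::hmac(serialize($hArr));
     return '&juSecure=1' . $mimetype . $rec . $juHash;
 }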
开发者ID:NaveedWebdeveloper,项目名称:Test,代码行数:32,代码来源:class.tslib_content.php

示例3: tokenFromSessionDataIsAvailableForValidateToken

 /**
  * validateToken() accepts a token id that was computed as the HMAC of
  * form name . action . form instance name . session token, once the session
  * token has been placed in $_SESSION['installToolFormToken'] and loaded with
  * retrieveSessionToken().
  *
  * @test
  */
 public function tokenFromSessionDataIsAvailableForValidateToken()
 {
     // Fixed sample value, used only as a test fixture.
     $storedSessionToken = '881ffea2159ac72182557b79dc0c723f5a8d20136f9fab56cdd4f8b3a1dbcfcd';
     $form = 'foo';
     $formAction = 'edit';
     $instance = '42';
     $macInput = implode('', array($form, $formAction, $instance, $storedSessionToken));
     $expectedTokenId = \t3lib_div::hmac($macInput);
     $_SESSION['installToolFormToken'] = $storedSessionToken;
     $this->fixture->retrieveSessionToken();
     $isAccepted = $this->fixture->validateToken($expectedTokenId, $form, $formAction, $instance);
     $this->assertTrue($isAccepted);
 }
开发者ID:noxludo,项目名称:TYPO3v4-Core,代码行数:14,代码来源:class.t3lib_formprotection_InstallToolFormProtectionTest.php

示例4: areFieldChangeFunctionsValid

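 /**
  * Determines whether submitted field change functions are valid
  * and are coming from the system and not from an external abuse.
  *
  * The submitted P[fieldChangeFunc] array is accepted only when the submitted
  * P[fieldChangeFuncHash] equals the HMAC of the serialized array.
  *
  * @return boolean Whether the submitted field change functions are valid
  */
 protected function areFieldChangeFunctionsValid()
 {
     if (!isset($this->P['fieldChangeFunc'], $this->P['fieldChangeFuncHash']) || !is_array($this->P['fieldChangeFunc'])) {
         return false;
     }
     $submittedHash = $this->P['fieldChangeFuncHash'];
     $expectedHash = t3lib_div::hmac(serialize($this->P['fieldChangeFunc']));
     // Only a string can be a valid MAC; a loose "==" would also compare numeric-looking
     // strings as numbers instead of character by character.
     if (!is_string($submittedHash) || !is_string($expectedHash)) {
         return false;
     }
     // Constant-time comparison where the runtime offers it, strict comparison otherwise.
     return function_exists('hash_equals')
         ? hash_equals($expectedHash, $submittedHash)
         : $expectedHash === $submittedHash;
 }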
开发者ID:NaveedWebdeveloper,项目名称:Test,代码行数:10,代码来源:wizard_tsconfig.php

示例5: start

 /**
  * Start function
  * This class is able to generate a mail in formmail-style from the data in $V
  * Fields:
  *
  * [recipient]:			email-adress of the one to receive the mail. If array, then all values are expected to be recipients
  * [attachment]:		....
  *
  * [subject]:			The subject of the mail
  * [from_email]:		Sender email. If not set, [email] is used
  * [from_name]:			Sender name. If not set, [name] is used
  * [replyto_email]:		Reply-to email. If not set [from_email] is used
  * [replyto_name]:		Reply-to name. If not set [from_name] is used
  * [organisation]:		Organization (header)
  * [priority]:			Priority, 1-5, default 3
  * [html_enabled]:		If mail is sent as html
  * [use_base64]:		If set, base64 encoding will be used instead of quoted-printable
  *
  * @param	array		Contains values for the field names listed above (with slashes removed if from POST input)
  * @param	boolean		Whether to base64 encode the mail content
  * @return	void
  */
 function start($valueList, $base64 = false)
 {
     $this->mailMessage = t3lib_div::makeInstance('t3lib_mail_Message');
     if ($GLOBALS['TSFE']->config['config']['formMailCharset']) {
         // Respect formMailCharset if it was set
         $this->characterSet = $GLOBALS['TSFE']->csConvObj->parse_charset($GLOBALS['TSFE']->config['config']['formMailCharset']);
     } elseif ($GLOBALS['TSFE']->metaCharset != $GLOBALS['TSFE']->renderCharset) {
         // Use metaCharset for mail if different from renderCharset
         $this->characterSet = $GLOBALS['TSFE']->metaCharset;
     }
     if ($base64 || $valueList['use_base64']) {
         $this->encoding = 'base64';
     }
     if (isset($valueList['recipient'])) {
         // convert form data from renderCharset to mail charset
         $this->subject = $valueList['subject'] ? $valueList['subject'] : 'Formmail on ' . t3lib_div::getIndpEnv('HTTP_HOST');
         $this->subject = $this->sanitizeHeaderString($this->subject);
         $this->fromName = $valueList['from_name'] ? $valueList['from_name'] : ($valueList['name'] ? $valueList['name'] : '');
         $this->fromName = $this->sanitizeHeaderString($this->fromName);
         $this->replyToName = $valueList['replyto_name'] ? $valueList['replyto_name'] : $this->fromName;
         $this->replyToName = $this->sanitizeHeaderString($this->replyToName);
         $this->organisation = $valueList['organisation'] ? $valueList['organisation'] : '';
         $this->organisation = $this->sanitizeHeaderString($this->organisation);
         $this->fromAddress = $valueList['from_email'] ? $valueList['from_email'] : ($valueList['email'] ? $valueList['email'] : '');
         if (!t3lib_div::validEmail($this->fromAddress)) {
             $this->fromAddress = t3lib_utility_Mail::getSystemFromAddress();
             $this->fromName = t3lib_utility_Mail::getSystemFromName();
         }
         $this->replyToAddress = $valueList['replyto_email'] ? $valueList['replyto_email'] : $this->fromAddress;
         $this->priority = $valueList['priority'] ? t3lib_div::intInRange($valueList['priority'], 1, 5) : 3;
         // auto responder
         $this->autoRespondMessage = trim($valueList['auto_respond_msg']) && $this->fromAddress ? trim($valueList['auto_respond_msg']) : '';
         if ($this->autoRespondMessage !== '') {
             // Check if the value of the auto responder message has been modified with evil intentions
             $autoRespondChecksum = $valueList['auto_respond_checksum'];
             $correctHmacChecksum = t3lib_div::hmac($this->autoRespondMessage);
             if ($autoRespondChecksum !== $correctHmacChecksum) {
                 t3lib_div::sysLog('Possible misuse of t3lib_formmail auto respond method. Subject: ' . $valueList['subject'], 'Core', 3);
                 return;
             } else {
                 $this->autoRespondMessage = $this->sanitizeHeaderString($this->autoRespondMessage);
             }
         }
         $plainTextContent = '';
         $htmlContent = '<table border="0" cellpadding="2" cellspacing="2">';
         // Runs through $V and generates the mail
         if (is_array($valueList)) {
             foreach ($valueList as $key => $val) {
                 if (!t3lib_div::inList($this->reserved_names, $key)) {
                     $space = strlen($val) > 60 ? LF : '';
                     $val = is_array($val) ? implode($val, LF) : $val;
                     // convert form data from renderCharset to mail charset (HTML may use entities)
                     $plainTextValue = $val;
                     $HtmlValue = htmlspecialchars($val);
                     $plainTextContent .= strtoupper($key) . ':  ' . $space . $plainTextValue . LF . $space;
                     $htmlContent .= '<tr><td bgcolor="#eeeeee"><font face="Verdana" size="1"><strong>' . strtoupper($key) . '</strong></font></td><td bgcolor="#eeeeee"><font face="Verdana" size="1">' . nl2br($HtmlValue) . '&nbsp;</font></td></tr>';
                 }
             }
         }
         $htmlContent .= '</table>';
         $this->plainContent = $plainTextContent;
         if ($valueList['html_enabled']) {
             $this->mailMessage->setBody($htmlContent, 'text/html');
             $this->mailMessage->addPart($plainTextContent, 'text/plain');
         } else {
             $this->mailMessage->setBody($plainTextContent, 'text/plain');
         }
         for ($a = 0; $a < 10; $a++) {
             $variableName = 'attachment' . ($a ? $a : '');
             if (!isset($_FILES[$variableName])) {
                 continue;
             }
             if (!is_uploaded_file($_FILES[$variableName]['tmp_name'])) {
                 t3lib_div::sysLog('Possible abuse of t3lib_formmail: temporary file "' . $_FILES[$variableName]['tmp_name'] . '" ("' . $_FILES[$variableName]['name'] . '") was not an uploaded file.', 'Core', 3);
             }
             if ($_FILES[$variableName]['tmp_name']['error'] !== UPLOAD_ERR_OK) {
                 t3lib_div::sysLog('Error in uploaded file in t3lib_formmail: temporary file "' . $_FILES[$variableName]['tmp_name'] . '" ("' . $_FILES[$variableName]['name'] . '") Error code: ' . $_FILES[$variableName]['tmp_name']['error'], 'Core', 3);
             }
//.........这里部分代码省略.........
开发者ID:NaveedWebdeveloper,项目名称:Test,代码行数:101,代码来源:class.t3lib_formmail.php

示例6: makeSecure

 /**
  * Builds the signed link to the secure-download eID script for one file.
  *
  * The link carries the current frontend user uid (0 when there is none), the
  * file, an expiry timestamp and an HMAC over uid . decoded file . expiry.
  * Registered makeSecure hooks may replace the link before it is returned.
  *
  * @param	string		$element: URL of the file, already urlencoded by TYPO3
  * @return	string		The link, or whatever the last makeSecure hook returned
  */
 function makeSecure($element)
 {
     // 0 stands for "no frontend user".
     $this->feuser = $GLOBALS['TSFE']->fe_user->user['uid'] ? $GLOBALS['TSFE']->fe_user->user['uid'] : 0;
     $path_and_file_to_secure = 'index.php?eID=tx_nawsecuredl';
     $cachetimeadd = $this->extConf['cachetimeadd'];
     // Pages without a cache timeout of their own get a link lifetime of one day (86400 seconds).
     $lifetime = $GLOBALS['TSFE']->page['cache_timeout'] == 0 ? 86400 : $GLOBALS['TSFE']->page['cache_timeout'];
     $timeout = $lifetime + time() + $cachetimeadd;
     // $element arrives urlencoded. The output script verifies the hash against the decoded
     // file name, so the decoded form is what goes into the MAC input.
     // NOTE(review): uid, file and expiry are joined without a separator, so the MAC input
     // does not encode the field boundaries; confirm against the verifying script before changing.
     $hash = t3lib_div::hmac($this->feuser . rawurldecode($element) . $timeout);
     $returnPath = implode('', array(
         $path_and_file_to_secure,
         '&amp;u=', $this->feuser,
         '&amp;file=', $element,
         '&amp;t=', $timeout,
         '&amp;hash=', $hash,
     ));
     // Hook for makeSecure: each hook receives the current link and returns its replacement.
     $registeredHooks = $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/naw_securedl/class.tx_nawsecuredl.php']['makeSecure'];
     if (is_array($registeredHooks)) {
         foreach ($registeredHooks as $hookReference) {
             $returnPath = t3lib_div::callUserFunction($hookReference, $returnPath, $this);
         }
     }
     return $returnPath;
 }
开发者ID:NaveedWebdeveloper,项目名称:Test,代码行数:42,代码来源:class.tx_nawsecuredl.php

示例7: tokenFromSessionDataIsAvailableForValidateToken

 /**
  * validateToken() accepts a token id that was computed as the HMAC of
  * form name . action . form instance name . session token, when the session
  * token is returned by the mocked BE_USER->getSessionData('formSessionToken')
  * and loaded with retrieveSessionToken().
  *
  * @test
  */
 public function tokenFromSessionDataIsAvailableForValidateToken()
 {
     // Fixed sample value, used only as a test fixture.
     $storedSessionToken = '881ffea2159ac72182557b79dc0c723f5a8d20136f9fab56cdd4f8b3a1dbcfcd';
     $form = 'foo';
     $formAction = 'edit';
     $instance = '42';
     $macInput = implode('', array($form, $formAction, $instance, $storedSessionToken));
     $expectedTokenId = \t3lib_div::hmac($macInput);
     // The backend user mock has to be asked for the session token at least once.
     $sessionLookup = $GLOBALS['BE_USER']->expects($this->atLeastOnce());
     $sessionLookup->method('getSessionData')->with('formSessionToken')->will($this->returnValue($storedSessionToken));
     $this->fixture->retrieveSessionToken();
     $isAccepted = $this->fixture->validateToken($expectedTokenId, $form, $formAction, $instance);
     $this->assertTrue($isAccepted);
 }
开发者ID:noxludo,项目名称:TYPO3v4-Core,代码行数:14,代码来源:class.t3lib_formprotection_BackendFormProtectionTest.php

示例8: tiplink

 /**
  * Generates the tipUrl link for the configuration.
  *
  * The current request URL is appended to the link as "tipUrl", together with
  * "tipHash", an HMAC of that URL computed with $this->hmacSalt. Without a
  * ###TEMPLATE_TIPLINK### subpart a plain typolink is returned; otherwise the
  * subpart is filled with the URL markers and the link wrap.
  *
  * @return string
  */
 protected function tiplink()
 {
     $requestUrl = t3lib_div::getIndpEnv('TYPO3_REQUEST_URL');
     $linkTemplate = $this->cObj->getSubpart($this->templateCode, '###TEMPLATE_TIPLINK###');
     // Link configuration: the URL travels in the link, the hash lets the receiver detect changes to it.
     $linkConf = $this->typolink_conf;
     $linkConf['additionalParams'] .= '&tipUrl=' . rawurlencode($requestUrl) . '&tipHash=' . t3lib_div::hmac($requestUrl, $this->hmacSalt);
     if (!empty($linkTemplate)) {
         // Template output: one wrap for the link and the URL in three encodings.
         $subpartWraps = array('###LINK###' => $this->cObj->typolinkWrap($linkConf));
         // ###URL### is the request URL exactly as received; ###URL_SPECIALCHARS### is the
         // variant escaped with htmlspecialchars() and ###URL_ENCODED### the rawurlencoded one.
         $markers = array(
             '###URL###' => $requestUrl,
             '###URL_ENCODED###' => rawurlencode($requestUrl),
             '###URL_SPECIALCHARS###' => htmlspecialchars($requestUrl),
             '###TAF_LINK###' => $this->pi_getLL('link'),
         );
         return $this->cObj->substituteMarkerArrayCached($linkTemplate, $markers, array(), $subpartWraps);
     }
     // Support native link output for easier update
     if (empty($this->conf['value'])) {
         $linkText = $this->pi_getLL('link');
     } else {
         $linkText = $this->cObj->stdWrap($this->conf['value'], $this->conf['value.']);
     }
     return $this->cObj->typoLink($linkText, $linkConf);
 }
开发者ID:CPS-IT,项目名称:TYPO3-tipafriend_plus,代码行数:34,代码来源:class.tx_tipafriendplus_pi1.php

示例9: init

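 /**
  * Reads the request parameters, verifies their HMAC and loads them into this object.
  *
  * "file" and the joined "parameters" array are accepted only when the
  * submitted "md5" value equals the HMAC of "file|parameters". The parameters
  * are then base64-decoded, unserialized and assigned as properties of this
  * object, and the file is checked to be a valid, existing path below PATH_site.
  *
  * @return	void
  * @throws	UnexpectedValueException	If a parameter is missing, the HMAC does not match, the decoded parameters are not an array, or the file path is invalid or not found
  */
 function init()
 {
     // Loading internal vars with the GET/POST parameters from outside:
     $this->file = t3lib_div::_GP('file');
     $parametersArray = t3lib_div::_GP('parameters');
     $this->frame = t3lib_div::_GP('frame');
     $this->md5 = t3lib_div::_GP('md5');
     // ***********************
     // Check parameters
     // ***********************
     // If no file-param or parameters are given, we must exit.
     // The file has to be a string because it is used as MAC input and as a path below.
     if (!$this->file || !is_string($this->file) || !isset($parametersArray) || !is_array($parametersArray)) {
         throw new UnexpectedValueException('Parameter Error: No file or no parameters given.');
     }
     $this->parametersEncoded = implode($parametersArray);
     // Check the checksum: despite its name, "md5" carries an HMAC over file and parameters.
     // It is the only thing that authenticates the request, so it is compared as a string and,
     // where available, in constant time. A loose "!=" would compare numeric-looking strings
     // as numbers.
     $md5_value = t3lib_div::hmac(implode('|', array($this->file, $this->parametersEncoded)));
     $checksumIsValid = FALSE;
     if (is_string($this->md5) && is_string($md5_value)) {
         $checksumIsValid = function_exists('hash_equals')
             ? hash_equals($md5_value, $this->md5)
             : $md5_value === $this->md5;
     }
     if (!$checksumIsValid) {
         throw new UnexpectedValueException('Parameter Error: Wrong parameters sent.');
     }
     // NOTE(review): unserialize() runs on request data here and is safe only as long as the
     // HMAC check above holds. A format without object support (e.g. JSON), or the
     // allowed_classes option on PHP >= 7.0, would remove that dependency.
     $parameters = unserialize(base64_decode($this->parametersEncoded));
     if (!is_array($parameters)) {
         throw new UnexpectedValueException('Parameter Error: Wrong parameters sent.');
     }
     // Every decoded key becomes a property of this object, including ones that already exist.
     foreach ($parameters as $parameterName => $parameterValue) {
         $this->{$parameterName} = $parameterValue;
     }
     // ***********************
     // Check the file. It must be in a directory beneath the dir of this script...
     // $this->file remains unchanged, because of the code in stdgraphic, but we do check if the file exists within the current path
     // ***********************
     $test_file = PATH_site . $this->file;
     if (!t3lib_div::validPathStr($test_file)) {
         throw new UnexpectedValueException('Parameter Error: No valid filepath');
     }
     if (!@is_file($test_file)) {
         throw new UnexpectedValueException('The given file was not found');
     }
 }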
开发者ID:NaveedWebdeveloper,项目名称:Test,代码行数:41,代码来源:showpic.php

示例10: renderWizards

    /**
     * Rendering wizards for form fields.
     *
     * @param	array		Array with the real item in the first value, and an alternative item in the second value.
     * @param	array		The "wizard" key from the config array for the field (from TCA)
     * @param	string		Table name
     * @param	array		The record array
     * @param	string		The field name
     * @param	array		Additional configuration array. (passed by reference!)
     * @param	string		The field name
     * @param	array		Special configuration if available.
     * @param	boolean		Whether the RTE could have been loaded.
     * @return	string		The new item value.
     */
    function renderWizards($itemKinds, $wizConf, $table, $row, $field, &$PA, $itemName, $specConf, $RTE = 0)
    {
        // Init:
        $fieldChangeFunc = $PA['fieldChangeFunc'];
        $item = $itemKinds[0];
        $outArr = array();
        $colorBoxLinks = array();
        $fName = '[' . $table . '][' . $row['uid'] . '][' . $field . ']';
        $md5ID = 'ID' . t3lib_div::shortmd5($itemName);
        $listFlag = '_list';
        $prefixOfFormElName = 'data[' . $table . '][' . $row['uid'] . '][' . $field . ']';
        if (t3lib_div::isFirstPartOfStr($PA['itemFormElName'], $prefixOfFormElName)) {
            $flexFormPath = str_replace('][', '/', substr($PA['itemFormElName'], strlen($prefixOfFormElName) + 1, -1));
        }
        // Manipulate the field name (to be the true form field name) and remove a suffix-value if the item is a selector box with renderMode "singlebox":
        if ($PA['fieldConf']['config']['form_type'] == 'select') {
            if ($PA['fieldConf']['config']['maxitems'] <= 1) {
                // Single select situation:
                $listFlag = '';
            } elseif ($PA['fieldConf']['config']['renderMode'] == 'singlebox') {
                $itemName .= '[]';
                $listFlag = '';
            }
        }
        // traverse wizards:
        if (is_array($wizConf) && !$this->disableWizards) {
            $parametersOfWizards =& $specConf['wizards']['parameters'];
            foreach ($wizConf as $wid => $wConf) {
                if (substr($wid, 0, 1) != '_' && (!$wConf['enableByTypeConfig'] || is_array($parametersOfWizards) && in_array($wid, $parametersOfWizards)) && ($RTE || !$wConf['RTEonly'])) {
                    // Title / icon:
                    $iTitle = htmlspecialchars($this->sL($wConf['title']));
                    if ($wConf['icon']) {
                        $icon = $this->getIconHtml($wConf['icon'], $iTitle, $iTitle);
                    } else {
                        $icon = $iTitle;
                    }
                    //
                    switch ((string) $wConf['type']) {
                        case 'userFunc':
                        case 'script':
                        case 'popup':
                        case 'colorbox':
                            if (!$wConf['notNewRecords'] || t3lib_div::testInt($row['uid'])) {
                                // Setting &P array contents:
                                $params = array();
                                $params['params'] = $wConf['params'];
                                $params['exampleImg'] = $wConf['exampleImg'];
                                $params['table'] = $table;
                                $params['uid'] = $row['uid'];
                                $params['pid'] = $row['pid'];
                                $params['field'] = $field;
                                $params['flexFormPath'] = $flexFormPath;
                                $params['md5ID'] = $md5ID;
                                $params['returnUrl'] = $this->thisReturnUrl();
                                // Resolving script filename and setting URL.
                                if (!strcmp(substr($wConf['script'], 0, 4), 'EXT:')) {
                                    $wScript = t3lib_div::getFileAbsFileName($wConf['script']);
                                    if ($wScript) {
                                        $wScript = '../' . substr($wScript, strlen(PATH_site));
                                    } else {
                                        break;
                                    }
                                } else {
                                    $wScript = $wConf['script'];
                                }
                                $url = $this->backPath . $wScript . (strstr($wScript, '?') ? '' : '?');
                                // If there is no script and the type is "colorbox", break right away:
                                if ((string) $wConf['type'] == 'colorbox' && !$wConf['script']) {
                                    break;
                                }
                                // If "script" type, create the links around the icon:
                                if ((string) $wConf['type'] == 'script') {
                                    $aUrl = $url . t3lib_div::implodeArrayForUrl('', array('P' => $params));
                                    $outArr[] = '<a href="' . htmlspecialchars($aUrl) . '" onclick="' . $this->blur() . 'return !TBE_EDITOR.isFormChanged();">' . $icon . '</a>';
                                } else {
                                    // ... else types "popup", "colorbox" and "userFunc" will need additional parameters:
                                    $params['formName'] = $this->formName;
                                    $params['itemName'] = $itemName;
                                    $params['fieldChangeFunc'] = $fieldChangeFunc;
                                    $params['fieldChangeFuncHash'] = t3lib_div::hmac(serialize($fieldChangeFunc));
                                    switch ((string) $wConf['type']) {
                                        case 'popup':
                                        case 'colorbox':
                                            // Current form value is passed as P[currentValue]!
                                            $addJS = $wConf['popup_onlyOpenIfSelected'] ? 'if (!TBE_EDITOR.curSelected(\'' . $itemName . $listFlag . '\')){alert(' . $GLOBALS['LANG']->JScharCode($this->getLL('m_noSelItemForEdit')) . '); return false;}' : '';
                                            $curSelectedValues = '+\'&P[currentSelectedValues]=\'+TBE_EDITOR.curSelected(\'' . $itemName . $listFlag . '\')';
//.........这里部分代码省略.........
开发者ID:NaveedWebdeveloper,项目名称:Test,代码行数:101,代码来源:class.t3lib_tceforms.php

示例11: hmacReturnsNotEqualHashesForNotEqualInput

 /**
  * Two different messages must not produce the same hmac() value.
  *
  * @test
  */
 public function hmacReturnsNotEqualHashesForNotEqualInput()
 {
     $firstHash = t3lib_div::hmac('message0');
     $secondHash = t3lib_div::hmac('message1');
     $this->assertNotEquals($firstHash, $secondHash);
 }
开发者ID:zsolt-molnar,项目名称:TYPO3-4.5-trunk,代码行数:9,代码来源:t3lib_divTest.php

示例12: areFieldChangeFunctionsValid

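 /**
  * Determines whether submitted field change functions are valid
  * and are coming from the system and not from an external abuse.
  *
  * The submitted P[fieldChangeFunc] array is accepted only when the submitted
  * P[fieldChangeFuncHash] equals the HMAC of the serialized array. For
  * flexform sections the "idx<n>-" part of the item name is removed from the
  * functions first, because JavaScript adds it after the hash was created.
  *
  * @param boolean $handleFlexformSections Whether to handle flexform sections differently
  * @return boolean Whether the submitted field change functions are valid
  */
 protected function areFieldChangeFunctionsValid($handleFlexformSections = FALSE)
 {
     if (!isset($this->P['fieldChangeFunc'], $this->P['fieldChangeFuncHash']) || !is_array($this->P['fieldChangeFunc'])) {
         return FALSE;
     }
     $matches = array();
     $pattern = '#\\[el\\]\\[(([^]-]+-[^]-]+-)(idx\\d+-)([^]]+))\\]#i';
     $fieldChangeFunctions = $this->P['fieldChangeFunc'];
     // Special handling of flexform sections:
     // Field change functions are modified in JavaScript, thus the hash is always invalid
     if ($handleFlexformSections && isset($this->P['itemName']) && is_string($this->P['itemName']) && preg_match($pattern, $this->P['itemName'], $matches)) {
         $originalName = $matches[1];
         $cleanedName = $matches[2] . $matches[4];
         foreach ($fieldChangeFunctions as &$value) {
             $value = str_replace($originalName, $cleanedName, $value);
         }
         // Drop the reference so a later use of $value cannot change the last array element.
         unset($value);
     }
     $submittedHash = $this->P['fieldChangeFuncHash'];
     $expectedHash = t3lib_div::hmac(serialize($fieldChangeFunctions));
     // Only a string can be a valid MAC.
     if (!is_string($submittedHash) || !is_string($expectedHash)) {
         return FALSE;
     }
     // Constant-time comparison where the runtime offers it, strict comparison otherwise.
     return function_exists('hash_equals')
         ? hash_equals($expectedHash, $submittedHash)
         : $expectedHash === $submittedHash;
 }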
开发者ID:NaveedWebdeveloper,项目名称:Test,代码行数:27,代码来源:class.browse_links.php

示例13: areFieldChangeFunctionsValid

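 /**
  * Determines whether submitted field change functions are valid
  * and are coming from the system and not from an external abuse.
  *
  * $this->fieldChangeFunc is accepted only when $this->fieldChangeFuncHash
  * equals its HMAC; an empty value in either property is rejected.
  *
  * @return boolean Whether the submitted field change functions are valid
  */
 protected function areFieldChangeFunctionsValid()
 {
     if (!$this->fieldChangeFunc || !$this->fieldChangeFuncHash) {
         return false;
     }
     // NOTE(review): fieldChangeFunc is passed to hmac() as it is; presumably it is a
     // string at this point - verify where the property is set.
     $expectedHash = t3lib_div::hmac($this->fieldChangeFunc);
     // Only a string can be a valid MAC; a loose "==" would also compare numeric-looking
     // strings as numbers instead of character by character.
     if (!is_string($this->fieldChangeFuncHash) || !is_string($expectedHash)) {
         return false;
     }
     // Constant-time comparison where the runtime offers it, strict comparison otherwise.
     return function_exists('hash_equals')
         ? hash_equals($expectedHash, $this->fieldChangeFuncHash)
         : $expectedHash === $this->fieldChangeFuncHash;
 }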
开发者ID:NaveedWebdeveloper,项目名称:Test,代码行数:10,代码来源:wizard_colorpicker.php

示例14: render


//.........这里部分代码省略.........
                     for ($a = 0; $a < $iCount; $a++) {
                         $optionParts = '';
                         $radioId = $prefix . $fName . $this->cObj->cleanFormName($items[$a][0]);
                         if ($accessibility) {
                             $radioLabelIdAttribute = ' id="' . $radioId . '"';
                         } else {
                             $radioLabelIdAttribute = '';
                         }
                         $optionParts .= '<input type="radio" name="' . $confData['fieldname'] . '"' . $radioLabelIdAttribute . ' value="' . $items[$a][1] . '"' . (!strcmp($items[$a][1], $default) ? ' checked="checked"' : '') . $addParams . ' />';
                         if ($accessibility) {
                             $label = isset($conf['radioWrap.']) ? $this->cObj->stdWrap(trim($items[$a][0]), $conf['radioWrap.']) : trim($items[$a][0]);
                             $optionParts .= '<label for="' . $radioId . '">' . $label . '</label>';
                         } else {
                             $optionParts .= isset($conf['radioWrap.']) ? $this->cObj->stdWrap(trim($items[$a][0]), $conf['radioWrap.']) : trim($items[$a][0]);
                         }
                         $option .= isset($conf['radioInputWrap.']) ? $this->cObj->stdWrap($optionParts, $conf['radioInputWrap.']) : $optionParts;
                     }
                     if ($accessibility) {
                         $accessibilityWrap = isset($conf['radioWrap.']['accessibilityWrap.']) ? $this->cObj->stdWrap($conf['radioWrap.']['accessibilityWrap'], $conf['radioWrap.']['accessibilityWrap.']) : $conf['radioWrap.']['accessibilityWrap.'];
                         if ($accessibilityWrap) {
                             $search = array('###RADIO_FIELD_ID###', '###RADIO_GROUP_LABEL###');
                             $replace = array($elementIdAttribute, $confData['label']);
                             $accessibilityWrap = str_replace($search, $replace, $accessibilityWrap);
                             $option = $this->cObj->wrap($option, $accessibilityWrap);
                         }
                     }
                     $fieldCode = $option;
                     break;
                 case 'hidden':
                     $value = trim($parts[2]);
                     // If this form includes an auto responder message, include a HMAC checksum field
                     // in order to verify potential abuse of this feature.
                     if (strlen($value) && t3lib_div::inList($confData['fieldname'], 'auto_respond_msg')) {
                         $hmacChecksum = t3lib_div::hmac($value);
                         $hiddenfields .= sprintf('<input type="hidden" name="auto_respond_checksum" id="%sauto_respond_checksum" value="%s" />', $prefix, $hmacChecksum);
                     }
                     if (strlen($value) && t3lib_div::inList('recipient_copy,recipient', $confData['fieldname']) && $GLOBALS['TYPO3_CONF_VARS']['FE']['secureFormmail']) {
                         break;
                     }
                     if (strlen($value) && t3lib_div::inList('recipient_copy,recipient', $confData['fieldname'])) {
                         $value = $GLOBALS['TSFE']->codeString($value);
                     }
                     $hiddenfields .= sprintf('<input type="hidden" name="%s"%s value="%s" />', $confData['fieldname'], $elementIdAttribute, htmlspecialchars($value));
                     break;
                 case 'property':
                     if (t3lib_div::inList('type,locationData,goodMess,badMess,emailMess', $confData['fieldname'])) {
                         $value = trim($parts[2]);
                         $propertyOverride[$confData['fieldname']] = $value;
                         $conf[$confData['fieldname']] = $value;
                     }
                     break;
                 case 'submit':
                     $value = trim($parts[2]);
                     if ($conf['image.']) {
                         $this->cObj->data[$this->cObj->currentValKey] = $value;
                         $image = $this->cObj->IMG_RESOURCE($conf['image.']);
                         $params = $conf['image.']['params'] ? ' ' . $conf['image.']['params'] : '';
                         $params .= $this->cObj->getAltParam($conf['image.'], FALSE);
                         $params .= $addParams;
                     } else {
                         $image = '';
                     }
                     if ($image) {
                         $fieldCode = sprintf('<input type="image" name="%s"%s src="%s"%s />', $confData['fieldname'], $elementIdAttribute, $image, $params);
                     } else {
                         $fieldCode = sprintf('<input type="submit" name="%s"%s value="%s"%s />', $confData['fieldname'], $elementIdAttribute, t3lib_div::deHSCentities(htmlspecialchars($value)), $addParams);
开发者ID:NaveedWebdeveloper,项目名称:Test,代码行数:67,代码来源:class.tslib_content_form.php


注:本文中的t3lib_div::hmac方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。