本文整理匯總了PHP中ESAPI::getHTTPUtilities方法的典型用法代碼示例。如果您正苦於以下問題:PHP ESAPI::getHTTPUtilities方法的具體用法?PHP ESAPI::getHTTPUtilities怎麽用?PHP ESAPI::getHTTPUtilities使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類ESAPI的用法示例。
在下文中一共展示了ESAPI::getHTTPUtilities方法的2個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的PHP代碼示例。
示例1: exit
//Make sure to run this script as a "PHP Web Page"
if (php_sapi_name() === 'cli') {
exit('ERROR: This script must be run from the browser.' . PHP_EOL);
}
$ESAPI = new ESAPI(__DIR__ . "/testresources/ESAPI.xml");
ob_start();
session_start();
$view = '';
$tests = null;
if (isset($_SESSION) && isset($_SESSION['tests'])) {
$tests =& $_SESSION['tests'];
} else {
$tests = array('csi' => 'changeSessionIdentifier', 'token' => 'verifyCSRFToken', 'cookie' => 'killAllCookies (incl. killCookie)', 'log' => 'logHTTPRequest', 'logo' => 'logHTTPRequestObfuscate');
$_SESSION['tests'] =& $tests;
}
$util = ESAPI::getHTTPUtilities();
$req = new SafeRequest();
$uri = ESAPI::getEncoder()->encodeForHTML($req->getRequestURI());
if ($req->getParameter('req') == 'test1') {
try {
$util->verifyCSRFToken($req);
$view .= '<p>Your Request contained the CSRF token we have in your session. Good!</p>';
} catch (IntrusionException $e) {
$view .= '<p>Your Request did NOT contain the CSRF token we have in your session. Did you tamper??</p>';
}
$tests['token'] .= ' - DONE';
$oldSessID = session_id();
$sr = $util->changeSessionIdentifier();
if ($sr === true) {
$view .= '<p>Your session was regenerated. ID went from: ';
$view .= ESAPI::getEncoder()->encodeForHTML($oldSessID);示例2: setUp
/**
* Constructor ensures global ESAPI is set and stores an instance of
* DefaultHTTPUtilities.
*/
protected function setUp()
{
$this->_httpUtils = ESAPI::getHTTPUtilities();
}