本文整理匯總了PHP中PhabricatorUser::getCSRFToken方法的典型用法代碼示例。如果您正苦於以下問題:PHP PhabricatorUser::getCSRFToken方法的具體用法?PHP PhabricatorUser::getCSRFToken怎麽用?PHP PhabricatorUser::getCSRFToken使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類PhabricatorUser的用法示例。
在下文中一共展示了PhabricatorUser::getCSRFToken方法的3個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的PHP代碼示例。
示例1: phabricator_render_form
function phabricator_render_form(PhabricatorUser $user, $attributes, $content)
{
if (strcasecmp(idx($attributes, 'method'), 'POST') == 0 && !preg_match('#^(https?:|//)#', idx($attributes, 'action'))) {
$content = phutil_render_tag('input', array('type' => 'hidden', 'name' => AphrontRequest::getCSRFTokenName(), 'value' => $user->getCSRFToken())) . phutil_render_tag('input', array('type' => 'hidden', 'name' => '__form__', 'value' => true)) . $content;
}
return javelin_render_tag('form', $attributes, $content);
}示例2: phabricator_form
function phabricator_form(PhabricatorUser $user, $attributes, $content)
{
$body = array();
$http_method = idx($attributes, 'method');
$is_post = strcasecmp($http_method, 'POST') === 0;
$http_action = idx($attributes, 'action');
$is_absolute_uri = preg_match('#^(https?:|//)#', $http_action);
if ($is_post) {
// NOTE: We only include CSRF tokens if a URI is a local URI on the same
// domain. This is an important security feature and prevents forms which
// submit to foreign sites from leaking CSRF tokens.
// In some cases, we may construct a fully-qualified local URI. For example,
// we can construct these for download links, depending on configuration.
// These forms do not receive CSRF tokens, even though they safely could.
// This can be confusing, if you're developing for Phabricator and
// manage to construct a local form with a fully-qualified URI, since it
// won't get CSRF tokens and you'll get an exception at the other end of
// the request which is a bit disconnected from the actual root cause.
// However, this is rare, and there are reasonable cases where this
// construction occurs legitimately, and the simplest fix is to omit CSRF
// tokens for these URIs in all cases. The error message you receive also
// gives you some hints as to this potential source of error.
if (!$is_absolute_uri) {
$body[] = phutil_tag('input', array('type' => 'hidden', 'name' => AphrontRequest::getCSRFTokenName(), 'value' => $user->getCSRFToken()));
$body[] = phutil_tag('input', array('type' => 'hidden', 'name' => '__form__', 'value' => true));
}
}
if (is_array($content)) {
$body = array_merge($body, $content);
} else {
$body[] = $content;
}
return javelin_tag('form', $attributes, $body);
}示例3: phabricator_render_form
function phabricator_render_form(PhabricatorUser $user, $attributes, $content)
{
return javelin_render_tag('form', $attributes, phutil_render_tag('input', array('type' => 'hidden', 'name' => AphrontRequest::getCSRFTokenName(), 'value' => $user->getCSRFToken())) . phutil_render_tag('input', array('type' => 'hidden', 'name' => '__form__', 'value' => true)) . $content);
}