Ejemplo n.º 1
0
 public function testFormSigning()
 {
     $uid = (string) crc32(__FILE__ . '_' . (__LINE__ + 3));
     $csrf = sha1(session_id());
     $form = new \Gajus\Dora\Form();
     $this->assertSame($form->getUid(), $uid);
     $this->assertSame(preg_replace('/[^a-b]/', '', '<input type="hidden" name="gajus[dora][uid]" value="' . $uid . '"><input type="hidden" name="gajus[dora][csrf]" value="' . $csrf . '">'), preg_replace('/[^a-b]/', '', $form->sign()));
 }
Ejemplo n.º 2
0
$form = new \Gajus\Dora\Form($_POST);
// Note that "bar" input has a default value:
// $form->input('bar', ['value' => mt_rand(1000,9999)])
// However, when you submit the form, this value is overwritten.
// Form signature is used to generate UID and CSRF tokens.
// UID is used to identify instance of the form that's submitted.
// Form signature is generated using $form->sign().
if ($form->isSubmitted()) {
    header('Location: ' . $_SERVER['REQUEST_URI']);
    exit;
}
?>
<form action="" method="post">
    <?php 
echo $form->input('foo');
?>
    <?php 
echo $form->input('bar', ['value' => mt_rand(1000, 9999)]);
?>
    
    <div class="button-group">
        <?php 
echo $form->input('action[submit]', ['type' => 'submit', 'value' => 'Submit'], null, null);
?>
    </div>

    <?php 
echo $form->sign();
?>
</form>