public function executeCommunity(opWebRequest $request)
{
$this->forwardIf($request->isSmartphone(), 'timeline', 'smtCommunity');
$this->communityId = $request->getParameter('id');
$this->community = Doctrine::getTable('Community')->find($this->communityId);
$this->forward404Unless($this->community, 'Undefined community.');
sfConfig::set('sf_nav_type', 'community');
$this->baseUrl = sfConfig::get('op_base_url');
$form = new sfForm();
$this->token = $form->getCSRFToken();
return sfView::SUCCESS;
}
<hr class="toumei">
</div>
<div class="span1">
<?php
echo op_image_tag('UPARROW', array('class' => 'toggle1_close'));
?>
</div>
</div>
<div class="row">
<textarea class="posttextarea span12" rows="4" id="gorgon-textarea-body"></textarea>
</div>
<hr class="toumei">
<div class="row">
<?php
$form = new sfForm();
$csrfToken = $form->getCSRFToken();
?>
<button class="span10 offset1 btn small primary" id="gorgon-submit" data-post-csrftoken="<?php
echo $csrfToken;
?>
" data-post-baseurl="<?php
echo url_for('@homepage', array('absolute' => true));
?>
">POST</button>
</div>
<hr class="toumei">
<hr class="toumei">
<hr class="toumei">
<hr class="toumei">
<hr class="toumei">
<hr class="toumei">
echo __('Delete profile entry');
?>
</h2>
<p><?php
echo __('Do you want to delete this anyway?');
?>
</p>
<p><?php
echo __('※All the member\'s data in this entry will be lost.');
?>
</p>
<form action="<?php
echo url_for('profile/delete?id=' . $profile->getId());
?>
" method="post">
<?php
$formCSRF = new sfForm();
?>
<input type="hidden" name="<?php
echo $formCSRF->getCSRFFieldName();
?>
" value="<?php
echo $formCSRF->getCSRFToken();
?>
" />
<input type="submit" value="<?php
echo __('Delete');
?>
" />
</form>
function button_link_to($title, $action, $target = "_self")
{
$form = new sfForm();
return sprintf('<form action="%s" method="post" target="%s">' . '<input type="hidden" name="%s" value="%s" />' . '<input type="submit" value="%s" />' . '</form>', url_for($action), $target, $form->getCSRFFieldName(), $form->getCSRFToken(), __($title));
}
function _method_javascript_function($method)
{
$function = "var f = document.createElement('form'); f.style.display = 'none'; this.parentNode.appendChild(f); f.method = 'post'; f.action = this.href;";
if ('post' != strtolower($method)) {
$function .= "var m = document.createElement('input'); m.setAttribute('type', 'hidden'); ";
$function .= sprintf("m.setAttribute('name', 'sf_method'); m.setAttribute('value', '%s'); f.appendChild(m);", strtolower($method));
}
// CSRF protection
$form = new sfForm();
if ($form->isCSRFProtected()) {
$function .= "var m = document.createElement('input'); m.setAttribute('type', 'hidden'); ";
$function .= sprintf("m.setAttribute('name', '%s'); m.setAttribute('value', '%s'); f.appendChild(m);", $form->getCSRFFieldName(), $form->getCSRFToken());
}
$function .= "f.submit();";
return $function;
}
/**
* Returns the javascript needed for a remote function.
* Takes the same arguments as 'link_to_remote()'.
*
* Example:
* <select id="options" onchange="<?php echo remote_function(array('update' => 'options', 'url' => '@update_options')) ?>">
* <option value="0">Hello</option>
* <option value="1">World</option>
* </select>
*/
function jq_remote_function($options)
{
// Defining elements to update
if (isset($options['update']) && is_array($options['update'])) {
// On success, update the element with returned data
if (isset($options['update']['success'])) {
$update_success = "#" . $options['update']['success'];
}
// On failure, execute a client-side function
if (isset($options['update']['failure'])) {
$update_failure = $options['update']['failure'];
}
} else {
if (isset($options['update'])) {
$update_success = "#" . $options['update'];
}
}
// Update method
$updateMethod = _update_method(isset($options['position']) ? $options['position'] : '');
// Callbacks
if (isset($options['loading'])) {
$callback_loading = $options['loading'];
}
if (isset($options['complete'])) {
$callback_complete = $options['complete'];
}
if (isset($options['success'])) {
$callback_success = $options['success'];
}
$execute = 'false';
if (isset($options['script']) && $options['script'] == '1') {
$execute = 'true';
}
// Data Type
if (isset($options['dataType'])) {
$dataType = $options['dataType'];
} elseif ($execute) {
$dataType = 'html';
} else {
$dataType = 'text';
}
// POST or GET ?
$method = 'POST';
if (isset($options['method']) && strtoupper($options['method']) == 'GET') {
$method = $options['method'];
}
// async or sync, async is default
if (isset($options['type']) && $options['type'] == 'synchronous') {
$type = 'false';
}
// Is it a form submitting
if (isset($options['form'])) {
$formData = 'jQuery(this).serialize()';
} elseif (isset($options['submit'])) {
$formData = '{\'#' . $options['submit'] . '\'}.serialize()';
} elseif (isset($options['with'])) {
$formData = $options['with'];
} elseif (isset($options['csrf']) && $options['csrf'] == '1') {
$form = new sfForm();
if ($form->isCSRFProtected()) {
$formData = '{' . $form->getCSRFFieldName() . ': \'' . $form->getCSRFToken() . '\'}';
}
}
// build the function
$function = "jQuery.ajax({";
$function .= 'type:\'' . $method . '\'';
$function .= ',dataType:\'' . $dataType . '\'';
if (isset($type)) {
$function .= ',async:' . $type;
}
if (isset($formData)) {
$function .= ',data:' . $formData;
}
if (isset($update_success) and !isset($callback_success)) {
$function .= ',success:function(data, textStatus){jQuery(\'' . $update_success . '\').' . $updateMethod . '(data);}';
}
if (isset($update_failure)) {
$function .= ',error:function(XMLHttpRequest, textStatus, errorThrown){' . $update_failure . '}';
}
if (isset($callback_loading)) {
$function .= ',beforeSend:function(XMLHttpRequest){' . $callback_loading . '}';
}
if (isset($callback_complete)) {
$function .= ',complete:function(XMLHttpRequest, textStatus){' . $callback_complete . '}';
}
if (isset($callback_success)) {
$function .= ',success:function(data, textStatus){' . $callback_success . '}';
}
$function .= ',url:\'' . url_for($options['url']) . '\'';
$function .= '})';
if (isset($options['before'])) {
$function = $options['before'] . '; ' . $function;
}
if (isset($options['after'])) {
$function = $function . '; ' . $options['after'];
}
if (isset($options['condition'])) {
$function = 'if (' . $options['condition'] . ') { ' . $function . '; }';
}
if (isset($options['confirm'])) {
$function = "if (confirm('" . escape_javascript($options['confirm']) . "')) { {$function}; }";
if (isset($options['cancel'])) {
$function = $function . ' else { ' . $options['cancel'] . ' }';
}
}
return $function;
}
<select name="batch_action">
<option value="">[?php echo __('Choose an action', array(), 'sf_admin') ?]</option>
<?php
foreach ((array) $listActions as $action => $params) {
?>
<?php
echo $this->addCredentialCondition('<option value="' . $action . '">[?php echo __(\'' . $params['label'] . '\', array(), \'sf_admin\') ?]</option>', $params);
?>
<?php
}
?>
</select>
<?php
$form = new sfForm();
if ($form->isCSRFProtected()) {
?>
<input type="hidden" name="<?php
echo $form->getCSRFFieldName();
?>
" value="<?php
echo $form->getCSRFToken();
?>
" />
<?php
}
?>
<input type="submit" value="[?php echo __('go', array(), 'sf_admin') ?]" />
</div>
<?php
}
<table>
<tr>
<?php
$form = new sfForm();
$csrfToken = '&' . $form->getCSRFFieldName() . '=' . $form->getCSRFToken();
for ($i = 0; $i < 3; $i++) {
?>
<td>
<?php
if (isset($options['images'][$i])) {
$image = $options['images'][$i];
echo op_image_tag_sf_image($image->getFile(), array('size' => '180x180'));
?>
<br />
<?php
if (isset($options['form'])) {
?>
[
<?php
echo link_to(__('Delete'), 'member/deleteImage?member_image_id=' . $image->getId() . $csrfToken);
?>
|
<?php
if ($image->getIsPrimary()) {
echo __('Main Photo');
} else {
echo link_to(__('Main Photo'), 'member/changeMainImage?member_image_id=' . $image->getId() . $csrfToken);
}
?>
]
<?php
/**
* Calls a request to a uri.
*
* @param string $uri The URI to fetch
* @param string $method The request method
* @param array $parameters The Request parameters
* @param bool $changeStack Change the browser history stack?
*
* @return sfBrowserBase
*/
public function call($uri, $method = 'get', $parameters = array(), $changeStack = true)
{
// check that the previous call() hasn't returned an uncatched exception
$this->checkCurrentExceptionIsEmpty();
$uri = $this->fixUri($uri);
// add uri to the stack
if ($changeStack) {
$this->stack = array_slice($this->stack, 0, $this->stackPosition + 1);
$this->stack[] = array('uri' => $uri, 'method' => $method, 'parameters' => $parameters);
$this->stackPosition = count($this->stack) - 1;
}
list($path, $queryString) = false !== ($pos = strpos($uri, '?')) ? array(substr($uri, 0, $pos), substr($uri, $pos + 1)) : array($uri, '');
$queryString = html_entity_decode($queryString);
// remove anchor
$path = preg_replace('/#.*/', '', $path);
// removes all fields from previous request
$this->fields = array();
// prepare the request object
$_SERVER = $this->defaultServerArray;
$_SERVER['HTTP_HOST'] = $this->hostname;
$_SERVER['SERVER_NAME'] = $_SERVER['HTTP_HOST'];
$_SERVER['SERVER_PORT'] = 80;
$_SERVER['HTTP_USER_AGENT'] = 'PHP5/CLI';
$_SERVER['REMOTE_ADDR'] = $this->remote;
$_SERVER['REQUEST_METHOD'] = strtoupper($method);
$_SERVER['PATH_INFO'] = $path;
$_SERVER['REQUEST_URI'] = '/uploadFiles.php' . $uri;
$_SERVER['SCRIPT_NAME'] = '/uploadFiles.php';
$_SERVER['SCRIPT_FILENAME'] = '/uploadFiles.php';
$_SERVER['QUERY_STRING'] = $queryString;
if ($this->stackPosition >= 1) {
$_SERVER['HTTP_REFERER'] = sprintf('http%s://%s%s', isset($this->defaultServerArray['HTTPS']) ? 's' : '', $this->hostname, $this->stack[$this->stackPosition - 1]['uri']);
}
foreach ($this->vars as $key => $value) {
$_SERVER[strtoupper($key)] = $value;
}
foreach ($this->headers as $header => $value) {
$_SERVER['HTTP_' . strtoupper(str_replace('-', '_', $header))] = $value;
}
$this->headers = array();
// request parameters
$_GET = $_POST = array();
if (in_array(strtoupper($method), array('POST', 'DELETE', 'PUT'))) {
if (isset($parameters['_with_csrf']) && $parameters['_with_csrf']) {
unset($parameters['_with_csrf']);
$form = new sfForm();
$parameters[$form->getCSRFFieldName()] = $form->getCSRFToken();
}
$_POST = $parameters;
}
if (strtoupper($method) == 'GET') {
$_GET = $parameters;
}
// handle input type="file" fields
$_FILES = array();
if (count($this->files)) {
$_FILES = $this->files;
}
$this->files = array();
parse_str($queryString, $qs);
if (is_array($qs)) {
$_GET = array_merge($qs, $_GET);
}
// expire cookies
$cookies = $this->cookieJar;
foreach ($cookies as $name => $cookie) {
if ($cookie['expire'] && $cookie['expire'] < time()) {
unset($this->cookieJar[$name]);
}
}
// restore cookies
$_COOKIE = array();
foreach ($this->cookieJar as $name => $cookie) {
$_COOKIE[$name] = $cookie['value'];
}
$this->doCall();
$response = $this->getResponse();
// save cookies
foreach ($response->getCookies() as $name => $cookie) {
// FIXME: deal with path, secure, ...
$this->cookieJar[$name] = $cookie;
}
// support for the ETag header
if ($etag = $response->getHttpHeader('Etag')) {
$this->vars['HTTP_IF_NONE_MATCH'] = $etag;
} else {
unset($this->vars['HTTP_IF_NONE_MATCH']);
}
// support for the last modified header
if ($lastModified = $response->getHttpHeader('Last-Modified')) {
$this->vars['HTTP_IF_MODIFIED_SINCE'] = $lastModified;
} else {
unset($this->vars['HTTP_IF_MODIFIED_SINCE']);
}
// for HTML/XML content, create a DOM and sfDomCssSelector objects for the response content
$this->dom = null;
$this->domCssSelector = null;
if (preg_match('/(x|ht)ml/i', $response->getContentType(), $matches)) {
$this->dom = new DomDocument('1.0', $response->getCharset());
$this->dom->validateOnParse = true;
if ('x' == $matches[1]) {
@$this->dom->loadXML($response->getContent());
} else {
@$this->dom->loadHTML($response->getContent());
}
$this->domCssSelector = new sfDomCssSelector($this->dom);
}
return $this;
}
protected function prepareDataForForm(sfForm $form, $arguments = array(), $options = array())
{
$data = array('user_id' => $form->getObject()->getUserId(), 'name' => $arguments['name'], 'vehicles_list' => $this->parseVehicles($arguments['vehicles']), 'date_range' => array('from' => isset($options['date_from']) ? $options['date_from'] : null, 'to' => isset($options['date_to']) ? $options['date_to'] : null), 'kilometers_range' => array('from' => isset($options['kilometers_from']) ? $options['kilometers_from'] : null, 'to' => isset($options['kilometers_to']) ? $options['kilometers_to'] : null), $form->getCSRFFieldName() => $form->getCSRFToken());
return $data;
}
public function executeSmtTimelineCommunity(sfWebRequest $request)
{
$form = new sfForm();
$this->token = $form->getCSRFToken();
$this->id = $request->getParameter('id');
}
/**
* CSRF Token
*
* @return string
*/
function __csrf_token_value()
{
$form = new sfForm();
return $form->getCSRFToken();
}
public function executeTimelinePlugin(sfWebRequest $request)
{
$this->baseUrl = sfConfig::get('op_base_url');
$form = new sfForm();
$this->csrfToken = $form->getCSRFToken();
return sfView::SUCCESS;
}
function _get_json_data_token()
{
// CSRF protection
$form = new sfForm();
if ($form->isCSRFProtected()) {
$token = sprintf("', %s: '%s", $form->getCSRFFieldName(), $form->getCSRFToken());
return $token;
} else {
return '';
}
}
public function setPublicFormSecurityToken(sfWebRequest $request)
{
$f = new sfForm();
$this->csrf_tag = $f->getCSRFToken();
if ($request->hasParameter('referer')) {
$this->referer = $request->getParameter('referer');
} else {
$this->referer = $request->getUri();
}
}
<?php
$form = new sfForm();
$redirectUrl = url_for('community/addAllMember?id=' . $community->getId()) . '?continue=1' . '&' . urlencode($form->getCSRFFieldName()) . '=' . urlencode($form->getCSRFToken());
$sf_response->addHttpMeta('Refresh', '0;URL=' . $redirectUrl);
?>
<?php
slot('submenu');
include_partial('submenu');
end_slot();
?>
<?php
slot('title', __('Make all members join in this %community%'));
?>
<p>
<?php
echo __('Processing... (Remaining %num% records)', array('%num%' => $remaining));
?>
</p>