public function testGetHiddenInput()
{
$token = CSRFTokenGenerator::getToken();
$this->assertEquals(sprintf('<input type="hidden" name="%s" value="%s"/>', CSRFTokenGenerator::TOKEN_NAME, $token), CSRFTokenGenerator::getHiddenInputString());
$token = CSRFTokenGenerator::getToken(self::ALT_TOKEN_NAME);
$this->assertEquals(sprintf('<input type="hidden" name="%s" value="%s"/>', self::ALT_TOKEN_NAME, $token), CSRFTokenGenerator::getHiddenInputString(self::ALT_TOKEN_NAME));
}
<?php
require 'vendor/autoload.php';
require 'app/funcs.php';
use Gum\Route as Gum;
Gum::get('/', function () {
echo tpl('xannybakes', array('csrf' => \Volnix\CSRF\CSRF::getHiddenInputString()));
});
Gum::post('/contact', function () {
$mandrill = new Mandrill('');
// @TODO: get from env var
$name = htmlspecialchars($_POST['name']);
$email = htmlspecialchars($_POST['email']);
$body = htmlspecialchars($_POST['body']);
$message = array('text' => $body, 'subject' => 'Someone contacted you via your website!', 'from_email' => $email, 'from_name' => $name, 'to' => array(array('email' => '*****@*****.**', 'name' => 'Adrian Unger', 'type' => 'to')));
$result = $mandrill->messages->send($message);
print_r($result);
});
// handle 404
if (Gum::not_found()) {
header('HTTP/1.0 404 Not Found');
echo '404 Not Found';
exit;
}
