PHP validate_form_token Examples

Programming Language: PHP

Method/Function: validate_form_token

Examples at hotexamples.com: 3

PHP validate_form_token - 3 examples found. These are the top rated real world PHP examples of validate_form_token extracted from open source projects. You can rate examples to help us improve the quality of examples.

Example #1

Show file

File: upgrade.php Project: richardneish/richardneish.github.com

/**
 * Applies the upgrade.
 */
function upgrade_apply()
{
    global $xtpl, $upgrade_access_check;
    if (!validate_form_token($_POST['tk'], 'upgrade_selection')) {
        set_message('SimpleID detected a potential security attack.  Please try again.');
        upgrade_selection();
        return;
    }
    $results = '';
    $functions = cache_get('upgrade', $_POST['handle']);
    foreach ($functions as $function) {
        $results .= call_user_func($function);
    }
    if (!$upgrade_access_check) {
        $xtpl->parse('main.upgrade_results.upgrade_access_check');
    }
    $xtpl->assign('results', $results);
    $xtpl->parse('main.upgrade_results');
    cache_gc(0, 'upgrade');
    $xtpl->assign('title', 'Upgrade');
    $xtpl->parse('main');
    $xtpl->out('main');
}

Example #2

Show file

File: index.php Project: richardneish/richardneish.github.com

/**
 * Processes a user response from the {@link simpleid_openid_consent_form()} function.
 *
 * If the user verifies the relying party, an OpenID response will be sent to
 * the relying party.  Otherwise, the dashboard will be displayed to the user.
 *
 */
function simpleid_openid_consent()
{
    global $xtpl, $user, $version, $GETPOST;
    if ($user == NULL) {
        user_login_form('');
        return;
    }
    if (!validate_form_token($GETPOST['tk'], 'rp')) {
        set_message('SimpleID detected a potential security attack.  Please try again.');
        $xtpl->assign('title', 'OpenID Login');
        $xtpl->parse('main');
        $xtpl->out('main');
        return;
    }
    $uid = $user['uid'];
    $response = unpickle($GETPOST['s']);
    $version = openid_get_version($response);
    $return_to = $response['openid.return_to'];
    if (!$return_to) {
        $return_to = $GETPOST['openid.return_to'];
    }
    if ($GETPOST['op'] == 'Cancel') {
        $response = simpleid_checkid_error(false);
        if (!$return_to) {
            set_message('Log in cancelled.');
        }
    } else {
        $now = time();
        $realm = $GETPOST['openid.realm'];
        if (isset($user['rp'][$realm])) {
            $rp = $user['rp'][$realm];
        } else {
            $rp = array('realm' => $realm, 'first_time' => $now);
        }
        $rp['last_time'] = $now;
        $rp['auto_release'] = isset($GETPOST['autorelease']) && $GETPOST['autorelease'] ? 1 : 0;
        extension_invoke_all('consent', $GETPOST, $response, $rp);
        $user['rp'][$realm] = $rp;
        user_save($user);
        $response = simpleid_sign($response, isset($response['openid.assoc_handle']) ? $response['openid.assoc_handle'] : NULL);
        if (!$return_to) {
            set_message('You were logged in successfully.');
        }
    }
    if ($return_to) {
        simpleid_assertion_response($response, $return_to);
    } else {
        page_dashboard();
    }
}

Example #3

Show file

File: init.inc.php Project: hubgit/user

<?php

define(MAIN_PATH, realpath(__DIR__) . DIRECTORY_SEPARATOR . '..');
require 'includes/config.inc.php';
require 'includes/functions.inc.php';
require 'includes/user.inc.php';
mysql_connect($config['db']['server'], $config['db']['user'], $config['db']['password']) or die('Could not connect to MySQL server');
// SERVER, DB USERNAME, DB PASSWORD
mysql_select_db($config['db']['db']);
// DATABASE
mysql_query('SET NAMES utf8');
session_name('session');
session_start();
if (!isset($_SESSION['form-token'])) {
    session_regenerate_id();
    $_SESSION['form-token'] = generate_token();
}
if (!empty($_POST)) {
    validate_form_token();
}