/** * Generates a CSRF token and stores it on session. Only one token per session is generated. * This must be tied to a post-controller hook, and before the hook * that calls the inject_tokens method(). * * @return void */ public function generate_token() { // Load session library if not loaded $this->CI->load->library('session'); if ($this->CI->session->userdata(self::$token_name) === FALSE) { // Generate a token and store it on session, since old one appears to have expired. self::$token = md5(uniqid() . microtime() . rand()); $this->CI->session->set_userdata(self::$token_name, self::$token); } else { // Set it to local variable for easy access self::$token = $this->CI->session->userdata(self::$token_name); } }
public function generate_token() { if (!$this->CI->config->item('linkigniter.enable_csrf_protection')) { return; } $this->CI->load->library('session'); if ($this->CI->session->userdata(self::$token_name) === FALSE) { self::$token = md5(uniqid() . microtime() . rand()); $this->CI->session->set_userdata(self::$token_name, self::$token); } else { self::$token = $this->CI->session->userdata(self::$token_name); } }
/** * Generates a CSRF token and stores it on session. Only one token per session is generated. * This must be tied to a post-controller hook, and before the hook * that calls the inject_tokens method(). * * @return void * @author Ian Murray */ public function generate_token() { // Загружаем библиотеку session $this->CI->load->library('session'); echo 'hello'; if ($this->CI->session->userdata(self::$token_name) === FALSE) { // Генерируем слчайную строку и записываем её в сессию. self::$token = md5(uniqid() . microtime() . rand()); $this->CI->session->set_userdata(self::$token_name, self::$token); } else { // записываем полученное значение в локальную переменную self::$token = $this->CI->session->userdata(self::$token_name); } }