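 /**
  * Collects the submitted row values from $_POST, grouped by row id.
  *
  * Every POST key of the form "<rowid>_<field>" is split on its first
  * underscore; the field part goes through name_data() and the value through
  * ConnectorSecurity::filter(). Keys without an underscore are skipped.
  *
  * @param array $ids row ids that must be present in the result even when no
  *                   POST key refers to them (they map to an empty array)
  * @return array map of row id => (field name => filtered value)
  *
  * NOTE(review): the row id taken from the "<rowid>_" prefix is not checked
  * against $ids, so the result can contain rows the caller did not ask for.
  * Callers must treat the keys as untrusted client input.
  */
 protected function get_post_values($ids)
 {
     $data = array();
     // Pre-seed the requested ids so rows without any posted field still appear.
     foreach ($ids as $id) {
         $data[$id] = array();
     }
     foreach ($_POST as $key => $value) {
         // Split on the first underscore only: field names may themselves
         // contain underscores.
         $details = explode("_", $key, 2);
         if (count($details) < 2) {
             continue; // not a "<rowid>_<field>" key
         }
         list($id, $field) = $details;
         $name = $this->name_data($field);
         $data[$id][$name] = ConnectorSecurity::filter($value);
     }
     return $data;
 }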
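 /**
  * Reads the posted values for a "simple request mode" save.
  *
  * When $_GET['action'] is present the whole POST body describes one row,
  * keyed by $_POST['id'] when that is set and by "dummy_id" otherwise.
  * Without an action parameter the parent implementation handles the request.
  *
  * Fix: the original stored $_POST unfiltered on the "dummy_id" path, so the
  * ConnectorSecurity::filter() XSS filter applied on the id path was bypassed
  * simply by omitting the id field. Both paths now filter every value.
  *
  * @param array $ids row ids, only forwarded to the parent implementation
  * @return array map of row id => (field name => filtered value)
  */
 protected function get_post_values($ids)
 {
     if (!isset($_GET['action'])) {
         return parent::get_post_values($ids);
     }
     // Apply the configured XSS filter to every posted value, whether or not
     // an explicit row id was supplied.
     $dataset = array();
     foreach ($_POST as $key => $value) {
         $dataset[$key] = ConnectorSecurity::filter($value);
     }
     $id = isset($_POST["id"]) ? $_POST["id"] : "dummy_id";
     return array($id => $dataset);
 }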
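 /**
  * Translates query-string parameters (paging, sorting, filtering, CSRF)
  * into settings on $this->request.
  *
  * Fixes: the filter block was guarded by isset($_GET[Connector::$sort_var])
  * instead of the filter variable, so a filter-only request was ignored and a
  * sort-only request iterated a missing index. Sort and filter parameters are
  * now also required to be arrays; a scalar in either index (e.g. sort=x) made
  * foreach emit a warning instead of being skipped cleanly.
  */
 protected function parse_request()
 {
     // Default dynamic-loading window; child classes may override it.
     if ($this->dload) {
         $this->request->set_limit(0, $this->dload);
     } elseif ($this->limit) {
         $this->request->set_limit(0, $this->limit);
     }
     // Client-requested paging. Values are passed verbatim from the query
     // string; set_limit() is assumed to coerce/validate them — TODO confirm.
     if (isset($_GET["posStart"]) && isset($_GET["count"])) {
         $this->request->set_limit($_GET["posStart"], $_GET["count"]);
     }
     $this->parse_request_mode();
     if ($this->live_update && ($this->updating || $this->editing)) {
         $this->request->set_version($_GET["dhx_version"]);
         $this->request->set_user($_GET["dhx_user"]);
     }
     // Sorting: field names go through safe_field_name() before resolution;
     // the direction value is forwarded unchanged.
     if (isset($_GET[Connector::$sort_var]) && is_array($_GET[Connector::$sort_var])) {
         foreach ($_GET[Connector::$sort_var] as $field => $direction) {
             $field = $this->safe_field_name($field);
             $this->request->set_sort($this->resolve_parameter($field), $direction);
         }
     }
     // Filtering: same treatment, keyed on the filter variable (not the sort one).
     if (isset($_GET[Connector::$filter_var]) && is_array($_GET[Connector::$filter_var])) {
         foreach ($_GET[Connector::$filter_var] as $field => $value) {
             $field = $this->safe_field_name($field);
             $this->request->set_filter($this->resolve_parameter($field), $value);
         }
     }
     // Attach the CSRF token (if checkCSRF() issued one) as a top-level attribute.
     $key = ConnectorSecurity::checkCSRF($this->editing);
     if ($key !== "") {
         $this->add_top_attribute(ConnectorSecurity::$security_var, $key);
     }
 }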
<?php

// Demo entry point: exposes the "films" table through a DataConnector.
// The SQLite file and the connector library are located relative to the
// script's working directory, so it must be run from its own folder.
$db = new SQLite3('../../common/testdata.sqlite');
require "../../common/connector/data_connector.php";
require "../../common/connector/db_sqlite3.php";
// Output-side XSS policy applied by ConnectorSecurity::filter(); by its name
// DHX_SECURITY_SAFEHTML presumably sanitises HTML rather than stripping it —
// confirm in the connector's security class before relying on it.
ConnectorSecurity::$xss = DHX_SECURITY_SAFEHTML;
$conn = new DataConnector($db, "SQLite3");
// Table name, id column, and the columns exposed to the client.
$conn->render_table("films", "id", "title,year,votes,rating,rank");
 /**
  * Attaches the CSRF token to the response as a top-level attribute.
  *
  * Whatever ConnectorSecurity::checkCSRF() returns for the current editing
  * state is attached under ConnectorSecurity::$security_var, except for the
  * empty string, which means there is nothing to send.
  */
 protected function check_csrf()
 {
     $token = ConnectorSecurity::checkCSRF($this->editing);
     if ($token === "") {
         return;
     }
     $this->add_top_attribute(ConnectorSecurity::$security_var, $token);
 }
<?php

// Demo entry point: exposes the "tasks" table as a tree through a TreeConnector.
// ../config.php is expected to define $mysql_server, $mysql_user and
// $mysql_pass (the PDO DSN and credentials used below).
require_once "../config.php";
require_once '../../codebase/db_pdo.php';
$res = new PDO($mysql_server, $mysql_user, $mysql_pass);
require "../../codebase/tree_connector.php";
// Enables the connector's CSRF token handling (see ConnectorSecurity::checkCSRF()).
ConnectorSecurity::$security_key = true;
$grid = new TreeConnector($res, "PDO");
// Table, id column, visible columns, extra params (none), parent-id column.
$grid->render_table("tasks", "taskId", "taskName", "", "parentId");
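 /**
  * CSRF protection for the connector protocol.
  *
  * With ConnectorSecurity::$security_key enabled:
  *  - on a data load ($edit !== true) a per-session token is created once and
  *    returned so the client can echo it back in $_POST['dhx_security'];
  *  - on an edit ($edit === true) the posted token must equal the session
  *    token, otherwise CSRF_detected() is called and its result returned.
  * With the feature disabled, or after a successful edit check, "" is returned.
  *
  * Fixes over the original:
  *  - the token comes from random_bytes() instead of md5(uniqid()), which is
  *    derived from the current time and therefore guessable;
  *  - tokens are compared with hash_equals() instead of loose !=. With the
  *    old comparison an edit arriving before any token existed in the session
  *    compared null against the posted value, and null == "" holds in PHP, so a
  *    posted empty token was accepted;
  *  - a missing session token or a non-string posted value (e.g. an array) is
  *    rejected instead of producing a notice / TypeError.
  *
  * @param mixed $edit true when the request modifies data
  * @return mixed the token, "" or whatever CSRF_detected() returns
  */
 static function checkCSRF($edit)
 {
     // Start the session only if the application has not already done so.
     if (session_status() === PHP_SESSION_NONE) {
         session_start();
     }
     if (!ConnectorSecurity::$security_key) {
         return "";
     }
     if ($edit === true) {
         // Both tokens must exist before comparing; a session without a token
         // cannot have issued the one the client claims to echo back.
         if (!isset($_POST['dhx_security'], $_SESSION['dhx_security'])) {
             return ConnectorSecurity::CSRF_detected();
         }
         $master_key = $_SESSION['dhx_security'];
         $update_key = $_POST['dhx_security'];
         // hash_equals() needs two strings and compares in constant time.
         if (!is_string($master_key) || !is_string($update_key)
             || !hash_equals($master_key, $update_key)) {
             return ConnectorSecurity::CSRF_detected();
         }
         return "";
     }
     //data loading: issue one unguessable token per session
     if (!array_key_exists("dhx_security", $_SESSION)) {
         $_SESSION["dhx_security"] = bin2hex(random_bytes(16));
     }
     return $_SESSION["dhx_security"];
 }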
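 /**
  * Request parsing for the "simple request mode" (?action=...) protocol,
  * falling back to the standard protocol when no action is given.
  *
  * action=get loads data: with an id, a single entity (filter on the id
  * column); without one, the whole collection. Any other action is a save
  * and marks the request as editing. The standard path handles collection
  * loading (dhx_colls) and the editing flag, then delegates to the parent.
  * Paging (start/count) and the CSRF token are applied in both modes.
  *
  * Changes: $action is compared with === (it is a query-string value, so the
  * result is the same as == for strings and a non-string was false either
  * way), and the empty "else" branch for collection loading is folded into a
  * comment.
  */
 protected function parse_request()
 {
     if (isset($_GET['action'])) {
         $action = $_GET['action'];
         //simple request mode
         if ($action === "get") {
             //data request: a single entity when an id is given, otherwise
             //the whole collection (no extra filter needed)
             if (isset($_GET['id'])) {
                 $this->request->set_filter($this->config->id["name"], $_GET['id'], "=");
             }
         } else {
             //data saving
             $this->editing = true;
         }
     } else {
         if (isset($_GET["dhx_colls"])) {
             $this->fill_collections($_GET["dhx_colls"]);
         }
         if (isset($_GET['editing']) && isset($_POST['ids'])) {
             $this->editing = true;
         }
         parent::parse_request();
     }
     // Paging values are passed verbatim from the query string; set_limit() is
     // assumed to coerce/validate them — TODO confirm.
     if (isset($_GET["start"]) && isset($_GET["count"])) {
         $this->request->set_limit($_GET["start"], $_GET["count"]);
     }
     // The token is attached under a literal key here; other connectors use
     // ConnectorSecurity::$security_var — presumably the same value, verify
     // before unifying.
     $key = ConnectorSecurity::checkCSRF($this->editing);
     if ($key !== "") {
         $this->add_top_attribute("dhx_security", $key);
     }
 }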
<?php

// Demo entry point: exposes the "films" table through a DataConnector.
// Paths are relative to the script's working directory.
$db = new SQLite3('../../common/testdata.sqlite');
require "../../common/connector/data_connector.php";
require "../../common/connector/db_sqlite3.php";
// Output-side XSS policy applied by ConnectorSecurity::filter(). Judging by
// the name, DHX_SECURITY_TRUSTED presumably passes values through unfiltered —
// confirm in the connector's security class; only appropriate when every
// value in the table is known to be safe for the client.
ConnectorSecurity::$xss = DHX_SECURITY_TRUSTED;
$conn = new DataConnector($db, "SQLite3");
// Table name, id column, and the columns exposed to the client.
$conn->render_table("films", "id", "title,year,votes,rating,rank");