public function actionLogout(User $user, CSRF $CSRF) { $valid = $CSRF->check(Request::get($CSRF->csrfParam)); if ($valid) { $user->logout(true); } $this->redirect(Url::set()->removeAllArgs()->getAbsolute())->send(true); }
protected function build(array $data, $prefix = null) { if ($this->csrf && $this->csrfInstance instanceof \rock\csrf\CSRF) { if (empty($data['query'])) { $data['query'] = []; } $data['query'][$this->csrfInstance->csrfParam] = $this->csrfInstance->get(); } if (!empty($data['query'])) { $data['query'] = preg_replace('/%5B[0-9]+%5D/i', '%5B%5D', http_build_query($data['query'])); } else { unset($data['query']); } if (empty($data['fragment'])) { unset($data['fragment']); } return $prefix . http_build_url($data); }
return !Rock::$app->user->isGuest(); } return \rock\helpers\ArrayHelper::getValue(Rock::$app->user->getAll(), $keys); }, 'call' => function (array $call, array $params = [], Template $template) { if (!isset($call[1])) { $call[1] = null; } list($class, $method) = $call; if ($class === 'context') { $object = $template->context; $function = [$object, $method]; } elseif (function_exists($class) && !$class instanceof \Closure) { return call_user_func_array($class, $params); } else { $object = \rock\di\Container::load($class); if (!method_exists($object, $method)) { throw new \rock\base\BaseException(\rock\base\BaseException::UNKNOWN_METHOD, ['method' => "{$class}::{$method}"]); } $function = [$object, $method]; } return call_user_func_array($function, $params); }], 'title' => 'Demo', 'metaTags' => ['charset' => '<meta charset="' . Rock::$app->charset . '" />'], 'linkTags' => ['favicon' => '<link rel="Shortcut Icon" type="image/x-icon" href="/favicon.ico?10">'], 'snippets' => ['request.get' => ['class' => \rock\snippets\request\Get::className()], 'request.post' => ['class' => \rock\snippets\request\Post::className()], 'csrf' => ['class' => \rock\snippets\CSRF::className()], 'captchaView' => ['class' => \rock\snippets\CaptchaView::className()], 'activeForm' => ['class' => \rock\snippets\ActiveForm::className()]]], 'execute' => ['class' => \rock\execute\CacheExecute::className()], 'i18n' => ['class' => \rock\i18n\i18n::className(), 'pathsDicts' => ['ru' => ['@rock/messages/ru/lang.php', '@rock/messages/ru/validate.php'], 'en' => ['@rock/messages/en/lang.php', '@rock/messages/en/validate.php']], 'locale' => [\rock\LocaleProperties::className(), 'locale']], 'date' => ['class' => \rock\date\DateTime::className(), 'locale' => [\rock\LocaleProperties::className(), 'locale'], 'formats' => ['dmy' => function (\rock\date\DateTime $dateTime) { $nowYear = date('Y'); $lastYear = $dateTime->format('Y'); return $nowYear > $lastYear ? $dateTime->format('j F Y') : $dateTime->format('d F'); }, 'dmyhm' => function (\rock\date\DateTime $dateTime) { $nowYear = date('Y'); $lastYear = $dateTime->format('Y'); return $nowYear > $lastYear ? $dateTime->format('j F Y H:i') : $dateTime->format('j F H:i'); }]], 'mail' => ['class' => \rock\mail\Mail::className(), 'From' => 'support@' . (new \rock\request\Request())->getHost(), 'FromName' => 'Rock Framework'], 'url' => ['class' => \rock\url\Url::className()], 'request' => ['class' => \rock\request\Request::className(), 'locale' => [\rock\LocaleProperties::className(), 'locale']], 'response' => ['class' => \rock\response\Response::className(), 'locale' => [\rock\LocaleProperties::className(), 'locale']], 'htmlResponseFormatter' => ['class' => \rock\response\HtmlResponseFormatter::className()], 'jsonResponseFormatter' => ['class' => \rock\response\JsonResponseFormatter::className()], 'xmlResponseFormatter' => ['class' => \rock\response\XmlResponseFormatter::className()], 'rssResponseFormatter' => ['class' => \rock\response\RssResponseFormatter::className()], 'session' => ['class' => \rock\session\Session::className(), 'cookieParams' => ['httponly' => true, 'lifetime' => 60 * 60 * 24 * 60, 'setUseCookies' => \rock\session\Session::USE_ONLY_COOKIES]], 'cookie' => ['class' => \rock\cookie\Cookie::className()], 'security' => ['class' => Security::className()], 'sanitize' => ['class' => \rock\sanitize\Sanitize::className()], 'validate' => ['class' => \rock\validate\Validate::className(), 'locale' => [\rock\LocaleProperties::className(), 'locale']], 'csrf' => ['class' => \rock\csrf\CSRF::className()], 'captcha' => ['class' => \rock\captcha\Captcha::className(), 'length' => 0, 'whiteNoiseDensity' => 1 / 6, 'blackNoiseDensity' => 1 / 30], 'user' => ['class' => \rock\user\User::className(), 'container' => 'user'], 'rbac' => ['class' => \rock\rbac\DBManager::className()], 'log' => ['class' => \rock\log\Log::className()], Role::className() => ['class' => Role::className()], Permission::className() => ['class' => Permission::className()]], require __DIR__ . '/widgets.php');
/** * @inheritdoc */ public function validate($input) { return $this->csrf->check($input); }
protected function clientOptions(array $options) { if (!$this->enableClientValidation) { return $options; } if (!isset($options['data']['ng-init'])) { $options['data']['ng-init'] = []; } if (isset($options['data']['ng-init']) && !is_array($options['data']['ng-init'])) { throw new WidgetException(WidgetException::NOT_ARRAY, ['name' => 'param "ng-init"']); } if (!empty($this->modelName)) { $options['name'] = $this->modelName; if (!isset($options['data']['ng-init']['formName'])) { $options['data']['ng-init']['formName'] = $this->modelName; } } if ($this->validateOnChanged) { $options['data']['ng-init']['validateOnChanged'] = true; } if ($this->csrf instanceof \rock\csrf\CSRF) { if (!isset($options['hiddenCsrf']['data'])) { $options['hiddenCsrf']['data'] = []; } if (!isset($options['hiddenCsrf']['data']['ng-model'])) { $options['hiddenCsrf']['data']['ng-model'] = (isset($this->modelName) ? $this->modelName : 'form') . ".values.{$this->csrf->csrfParam}"; } if (!isset($options['hiddenCsrf']['data']['ng-value'])) { $options['hiddenCsrf']['data']['ng-value'] = "rock.csrf.getToken() || '" . $this->csrf->get() . "'"; } } $options['data']['ng-submit'] = "submit('{$this->clientAction}', \$event)"; return $options; }
protected function getMessageLogout(CSRF $CSRF, $key, $layout = '@common.views/elements/alert-info') { $args = [$CSRF->csrfParam => $CSRF->get(), 'service' => 'logout']; $content = i18n::t($key, ['url' => Url::set()->addArgs($args)->getRelative()]); return $this->template->getChunk($layout, ['output' => $content]); }