public function generate_token()
{
if (!$this->CI->config->item('linkigniter.enable_csrf_protection')) {
return;
}
$this->CI->load->library('session');
if ($this->CI->session->userdata(self::$token_name) === FALSE) {
self::$token = md5(uniqid() . microtime() . rand());
$this->CI->session->set_userdata(self::$token_name, self::$token);
} else {
self::$token = $this->CI->session->userdata(self::$token_name);
}
}
/**
* Generates a CSRF token and stores it on session. Only one token per session is generated.
* This must be tied to a post-controller hook, and before the hook
* that calls the inject_tokens method().
*
* @return void
*/
public function generate_token()
{
// Load session library if not loaded
$this->CI->load->library('session');
if ($this->CI->session->userdata(self::$token_name) === FALSE) {
// Generate a token and store it on session, since old one appears to have expired.
self::$token = md5(uniqid() . microtime() . rand());
$this->CI->session->set_userdata(self::$token_name, self::$token);
} else {
// Set it to local variable for easy access
self::$token = $this->CI->session->userdata(self::$token_name);
}
}
/**
* Generates a CSRF token and stores it on session. Only one token per session is generated.
* This must be tied to a post-controller hook, and before the hook
* that calls the inject_tokens method().
*
* @return void
* @author Ian Murray
*/
public function generate_token()
{
// Загружаем библиотеку session
$this->CI->load->library('session');
echo 'hello';
if ($this->CI->session->userdata(self::$token_name) === FALSE) {
// Генерируем слчайную строку и записываем её в сессию.
self::$token = md5(uniqid() . microtime() . rand());
$this->CI->session->set_userdata(self::$token_name, self::$token);
} else {
// записываем полученное значение в локальную переменную
self::$token = $this->CI->session->userdata(self::$token_name);
}
}
/**
* Generates a CSRF token and adds it to the list in the session.
* Only the most recent five tokens are stored.
* This must be tied to a post-controller hook, and before the hook
* that calls the inject_tokens method().
*
* @return void
*/
public function generate_token()
{
// Load session library if not loaded
$this->CI->load->library('session');
// Extract the list of tokens we currently know about
self::$tokens = $this->CI->session->userdata(self::$token_name);
if (!is_array(self::$tokens)) {
self::$tokens = array();
}
// We only want to keep the most recent tokens
if (count(self::$tokens) > 5) {
array_pop(self::$tokens);
}
// Generate a new token for this request, add to the list
$token = md5(uniqid() . microtime() . rand());
array_unshift(self::$tokens, $token);
// Store to the session
$this->CI->session->set_userdata(self::$token_name, self::$tokens);
}
