/**
 * Verifies SecurityToken::checkRequest() against a request parameter named
 * after the token: nothing validates while no token value is stored, a wrong
 * value is rejected, and only the exact stored value is accepted.
 */
public function testCheckRequest()
{
    $token = new SecurityToken();
    $param_name = $token->getName();

    // Each scenario: stored value, submitted value, expected result, assertion message.
    $scenarios = array(
        array(null, 'invalidtoken', false, 'Any token is invalid if no token is stored'),
        array(null, null, false, 'NULL token is invalid if no token is stored'),
        array('mytoken', 'invalidtoken', false, 'Invalid token returns false'),
        array('mytoken', 'mytoken', true, 'Valid token returns true'),
    );

    foreach ($scenarios as $scenario) {
        list($stored, $submitted, $expected, $message) = $scenario;

        $token->setValue($stored);
        $request = new SS_HTTPRequest('GET', 'dummy', array($param_name => $submitted));
        $outcome = $token->checkRequest($request);

        if ($expected) {
            $this->assertTrue($outcome, $message);
        } else {
            $this->assertFalse($outcome, $message);
        }
    }
}
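/**
 * Sends the news-signup confirmation e-mail to the address given in the JSON
 * request body, after the request has passed the security-token check.
 *
 * The body is request-supplied, so it is validated before use: it must decode
 * to an array whose 'email' entry is a syntactically valid address. Without
 * that check the endpoint would hand an arbitrary string to the mailer as the
 * recipient.
 *
 * @param SS_HTTPRequest $request request checked against the security token
 * @return SS_HTTPResponse|string 'OK' on success; a JSON "Error" response with
 *         status 403 (token check failed) or 400 (malformed body or e-mail)
 */
public function sendSignupConfirmation($request)
{
    $error_status = null;
    $to = false;
    $json = null;

    if (!$this->securityToken->checkRequest($request)) {
        $error_status = 403;
    } else {
        // The token is consumed as soon as it has been accepted, whatever the payload turns out to be.
        $this->securityToken->reset();

        // NOTE(review): the body comes from $this->request while the token is checked on
        // the $request argument; confirm both refer to the same request.
        $json = json_decode($this->request->getBody(), true);

        // FILTER_VALIDATE_EMAIL also rejects CR/LF, so the recipient cannot carry extra headers.
        if (is_array($json) && isset($json['email']) && is_string($json['email'])) {
            $to = filter_var(trim($json['email']), FILTER_VALIDATE_EMAIL);
        }
        if ($to === false) {
            $error_status = 400;
        }
    }

    if ($error_status !== null) {
        $response = new SS_HTTPResponse();
        $response->setStatusCode($error_status);
        $response->addHeader('Content-Type', 'application/json');
        $response->setBody(json_encode("Error"));
        return $response;
    }

    // Missing or non-scalar name parts become empty strings instead of raising notices.
    $first_name = (isset($json['first_name']) && is_scalar($json['first_name'])) ? (string) $json['first_name'] : '';
    $last_name = (isset($json['last_name']) && is_scalar($json['last_name'])) ? (string) $json['last_name'] : '';
    // NOTE(review): UserName is request-supplied; confirm the e-mail template escapes it on output.
    $user_name = sprintf('%s %s', $first_name, $last_name);

    $news_update_email_from = defined('NEWS_UPDATE_EMAIL_FROM') ? NEWS_UPDATE_EMAIL_FROM : '*****@*****.**';

    $email = EmailFactory::getInstance()->buildEmail('*****@*****.**', $to, 'Thank you for subscribing to OpenStack Foundation News updates');
    $email->setTemplate('NewsPageSignupConfirmationEMail');
    $email->populateTemplate(array('UserName' => $user_name, 'NewsUpdateEmailFrom' => $news_update_email_from));
    $email->send();

    return 'OK';
}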
/**
 * Registers a package purchase order from the JSON body of an AJAX request.
 *
 * The call is refused unless it is an AJAX request that passes the
 * purchase-order security token check. The token is reset once accepted, and
 * the token's current value is returned to the caller on success.
 *
 * NOTE(review): the decoded body is passed to the purchase order manager as-is
 * (it is null when the body is not valid JSON); presumably the manager
 * validates it and reports problems via EntityValidationException. Confirm.
 *
 * @param SS_HTTPRequest $request request checked against the security token
 * @return SS_HTTPResponse|string
 */
public function emitPackagePurchaseOrder($request)
{
    // Same order as two separate guards: the token is only checked for AJAX calls.
    $is_accepted = Director::is_ajax() && $this->packagePurchaseOrderSecurityToken->checkRequest($request);
    if (!$is_accepted) {
        return $this->forbiddenError();
    }

    // NOTE(review): the body is read from $this->request, not from the $request argument.
    $raw_body = $this->request->getBody();
    $order_data = json_decode($raw_body, true);

    // Reset the accepted token before the order is processed.
    $this->packagePurchaseOrderSecurityToken->reset();

    try {
        $manager = $this->getPackagePurchaseOrderManager();
        $manager->registerPurchaseOrder($order_data, new NewPurchaseOrderEmailMessageSender());
    } catch (EntityValidationException $validation_failure) {
        // Validation problems are logged as warnings and their messages returned to the caller.
        SS_Log::log($validation_failure, SS_Log::WARN);
        return $this->validationError($validation_failure->getMessages());
    } catch (Exception $failure) {
        // Anything else is logged as an error and answered with a generic server error.
        SS_Log::log($failure, SS_Log::ERR);
        return $this->serverError();
    }

    $current_token = $this->packagePurchaseOrderSecurityToken->getValue();

    return $this->ok(array('token' => $current_token));
}