/**
 * Render the opening part of a form through the '_parts/form/open' view.
 *
 * Default form attributes and a hidden CSRF token field are prepared first;
 * caller-supplied values are merged in afterwards and therefore win on key
 * collisions.
 *
 * NOTE(review): because $hidden is merged last, a caller-supplied entry that
 * uses the CSRF token key replaces the freshly generated token. Confirm no
 * caller passes request-derived data in $hidden under that key.
 *
 * @param bool   $exists_required_fields Passed through to the view unchanged.
 * @param bool   $is_upload              When true, enctype is set to multipart/form-data.
 * @param array  $atter                  Extra or overriding form attributes.
 * @param array  $hidden                 Extra or overriding hidden fields (name => value).
 * @param string $form_title             Passed to the view as 'title'.
 * @return mixed Whatever render() returns for the view.
 */
function form_open($exists_required_fields = false, $is_upload = false, $atter = array(), $hidden = array(), $form_title = '')
{
    // Defaults come first so that matching keys in $atter override them.
    $form_attributes = array_merge(
        array(
            'class' => 'form-stacked form-horizontal',
            'method' => 'post',
            'id' => site_get_form_id(),
        ),
        $atter
    );

    // Set after the merge, so an upload form always gets this enctype.
    if ($is_upload) {
        $form_attributes['enctype'] = 'multipart/form-data';
    }

    // The hidden CSRF field is named after the configured token key.
    $csrf_field = array(Config::get('security.csrf_token_key') => Util_security::get_csrf());
    $hidden_fields = array_merge($csrf_field, $hidden);

    $view_data = array(
        'exists_required_fields' => $exists_required_fields,
        'atter' => $form_attributes,
        'hidden' => $hidden_fields,
        'title' => $form_title,
    );

    return render('_parts/form/open', $view_data);
}
/**
 * Show the login form and handle a submitted login attempt.
 *
 * A visitor who is already authenticated is redirected to 'admin'. On a POST
 * request that passes validation, the submitted e-mail and password are handed
 * to the Auth instance: success is delegated to login_succeeded(), failure
 * sets an 'error' flash message and the form is rendered again.
 *
 * NOTE(review): $destination may come straight from the POST body and is
 * passed to login_succeeded(), which is not visible here. Confirm that it
 * only accepts same-site targets.
 * NOTE(review): the CSRF field is added with a value but no validation rule
 * in this method; presumably the token is verified elsewhere. Confirm.
 */
public function action_login()
{
    // Already logged in
    if (\Auth::check()) {
        \Response::redirect('admin');
    }

    // A flashed destination takes precedence over the one posted with the form.
    $destination = \Session::get_flash('destination');
    if (!$destination) {
        $destination = \Input::post('destination', '');
    }

    $val = \Validation::forge();
    $csrf_field_attributes = array('type' => 'hidden', 'value' => \Util_security::get_csrf());
    $val->add(\Config::get('security.csrf_token_key'), '', $csrf_field_attributes);

    $email_field = $val->add('email', 'Username');
    $email_field->add_rule('required');

    $password_field = $val->add('password', 'Password', array('type' => 'password'));
    $password_field->add_rule('required');

    // Credentials are checked only for a POST request whose fields validate.
    if (\Input::method() == 'POST' && $val->run()) {
        $auth = \Auth::instance();

        if (\Auth::check() || $auth->login(\Input::post('email'), \Input::post('password'))) {
            // credentials ok, go right in
            return $this->login_succeeded($destination);
        }

        // Flash message text means "Login failed".
        \Session::set_flash('error', 'ログインに失敗しました');
    }

    $this->set_title_and_breadcrumbs('Login', null, null, null, null, true);
    $view_data = array('val' => $val, 'destination' => $destination);
    $this->template->content = \View::forge('login', $view_data);
}
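/**
 * Build a Fieldset form that carries a hidden CSRF token field, optional
 * extra fields placed before and after the model's fields, an optional
 * button, and a set of disabled fields.
 *
 * Changes from the previous version:
 *  - fields from the 'pre' list now default their attributes and rules to
 *    empty arrays, matching the 'post' list (they used to default to '');
 *  - an empty 'pre' or 'post' entry is treated as "no fields" instead of
 *    being added as a field literally named 'pre' or 'post'.
 *
 * NOTE(review): adding the token field only emits the token. Verification of
 * the submitted token is not done here and must happen where the form is
 * processed.
 *
 * @param string       $name          Fieldset name handed to Fieldset::forge().
 * @param mixed        $model_obj     Model whose fields are added via add_model(); skipped when falsy.
 * @param bool         $is_horizontal Appends the 'form-horizontal' class to the form attributes.
 * @param array        $add_fields    Either array('pre' => ..., 'post' => ...) or a flat
 *                                    name => definition map, which is treated as the 'post' list.
 *                                    A definition may hold 'label', 'attributes' and 'rules'.
 * @param array|string $btn_field     'submit' or 'button', an attribute array, or
 *                                    array('name' => ..., 'attributes' => ...).
 * @param array        $form_attr     Form attributes stored under 'form_attributes'.
 * @param array        $hide_fields   Names of fields to disable and to strip of the 'required' rule.
 * @return mixed The object returned by Fieldset::forge(), fully configured.
 */
public static function get_form_instance($name = 'default', $model_obj = null, $is_horizontal = true, $add_fields = array(), $btn_field = array(), $form_attr = array(), $hide_fields = array())
{
    $form = Fieldset::forge($name);

    if ($is_horizontal) {
        if (empty($form_attr['class'])) {
            $form_attr['class'] = 'form-horizontal';
        } else {
            $form_attr['class'] .= ' form-horizontal';
        }
    }
    $form->set_config('form_attributes', $form_attr);

    // Every form built here gets the CSRF token as a hidden field.
    $form->add(\Config::get('security.csrf_token_key'), '', array('type' => 'hidden', 'value' => \Util_security::get_csrf()));

    // Split $add_fields into the list added before the model fields and the
    // list added after them. The reserved keys are removed by presence, so an
    // empty list can never be mistaken for a field definition.
    $pre_fields = array();
    $post_fields = $add_fields;
    if (is_array($add_fields)) {
        if (array_key_exists('pre', $add_fields)) {
            $pre_fields = $add_fields['pre'];
            unset($add_fields['pre']);
            $post_fields = $add_fields;
        }
        if (array_key_exists('post', $add_fields)) {
            $post_fields = $add_fields['post'];
        }
    }

    if (!empty($pre_fields)) {
        foreach ($pre_fields as $field_name => $item) {
            $form->add(
                $field_name,
                isset($item['label']) ? $item['label'] : '',
                isset($item['attributes']) ? $item['attributes'] : array(),
                isset($item['rules']) ? $item['rules'] : array()
            );
        }
    }

    if ($model_obj) {
        $form->add_model($model_obj);
    }

    if (!empty($post_fields)) {
        foreach ($post_fields as $field_name => $item) {
            $form->add(
                $field_name,
                isset($item['label']) ? $item['label'] : '',
                isset($item['attributes']) ? $item['attributes'] : array(),
                isset($item['rules']) ? $item['rules'] : array()
            );
        }
    }

    if (!empty($btn_field)) {
        $btn_name = '';
        $btn_attr = array();

        if (!is_array($btn_field)) {
            // Shorthand form: only the two known button types are accepted.
            // The comparison is left loose, as before, so existing callers behave the same.
            if (in_array($btn_field, array('submit', 'button'))) {
                $btn_name = $btn_field;
                $btn_attr = array('type' => $btn_field, 'value' => term('form.do_submit'), 'class' => 'btn btn-default btn-primary');
            }
        } else {
            // A bare attribute array is wrapped so both array forms share one path.
            if (!isset($btn_field['attributes'])) {
                $btn_field = array('attributes' => $btn_field);
            }
            if (empty($btn_field['attributes']['type'])) {
                $btn_field['attributes']['type'] = 'submit';
            }
            if (empty($btn_field['attributes']['value'])) {
                $btn_field['attributes']['value'] = term('form.submit');
            }
            if (empty($btn_field['attributes']['class'])) {
                $btn_field['attributes']['class'] = 'btn btn-default btn-primary';
            }
            $btn_attr = $btn_field['attributes'];
            // Without an explicit name the button is named after its type.
            $btn_name = isset($btn_field['name']) ? $btn_field['name'] : $btn_field['attributes']['type'];
        }

        if (!empty($btn_name)) {
            $form->add($btn_name, '', $btn_attr);
        }
    }

    // Hidden fields are disabled and must not fail the 'required' rule.
    foreach ($hide_fields as $hide_field_name) {
        $form->disable($hide_field_name, $hide_field_name);
        $form->field($hide_field_name)->delete_rule('required');
    }

    return $form;
}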
var is_current_protocol = (arguments.length > 0) ? arguments[0] : false; if (is_current_protocol) return '<?php echo Uri::base(true); ?> '; return '<?php echo Uri::base(); ?> '; } function get_token_key() {return '<?php echo Config::get('security.csrf_token_key'); ?> ';} function get_token() {return '<?php echo Util_security::get_csrf(); ?> ';} function is_sp() {return <?php echo IS_SP ? 'true' : 'false'; ?> ;} function get_term(key) { var terms = { <?php if (conf('memberRelation.follow.isEnabled')) { ?> 'follow': '<?php echo term('follow'); ?> ',
foreach ($input['lang'] as $lang) { echo Form::hidden('lang[]', $lang, array('dont_prep' => true)); } ?> <div class="actions"> <?php echo Form::submit('submit1', '修正'); ?> </div> <?php echo Form::close(); ?> <?php echo Form::open('contact/send');
// Second form: posts to contact/send and carries the CSRF token plus every
// confirmed input value as hidden fields. The submit label below means "Send";
// the first form's submit label above means "Edit".
echo Form::hidden(Config::get('security.csrf_token_key'), Util_security::get_csrf());
// NOTE(review): 'dont_prep' => true presumably tells Form not to entity-encode
// the value itself. That is only safe if $input was already encoded before it
// reached this view (for example by the view's output filter). Confirm this,
// otherwise user-supplied text is written into the value attribute unencoded.
echo Form::hidden('name', $input['name'], array('id' => 'name', 'dont_prep' => true));
echo Form::hidden('email', $input['email'], array('id' => 'email', 'dont_prep' => true));
echo Form::hidden('comment', $input['comment'], array('id' => 'comment', 'dont_prep' => true));
echo Form::hidden('gender', $input['gender'], array('id' => 'gender', 'dont_prep' => true));
echo Form::hidden('kind', $input['kind'], array('id' => 'kind', 'dont_prep' => true));
// Each selected language becomes its own lang[] field; every one of them is
// emitted with the same id 'lang'.
foreach ($input['lang'] as $lang) { echo Form::hidden('lang[]', $lang, array('id' => 'lang', 'dont_prep' => true)); } ?> <div class="actions"> <?php echo Form::submit('submit2', '送信'); ?> </div> <?php
/**
 * Build a query-string fragment of the form "<delimiter><token key>=<token>".
 *
 * Both the key and the token are inserted as returned, without URL-encoding.
 *
 * NOTE(review): a token placed in a URL can end up in Referer headers, server
 * logs and browser history. Prefer sending it in a request body or header
 * where the endpoint allows it, and keep such links same-site.
 *
 * @param string $delimitter Text placed in front of the pair; defaults to '?'.
 * @return string The assembled fragment.
 */
function get_csrf_query_str($delimitter = '?')
{
    $token_key = Config::get('security.csrf_token_key');
    $token = Util_security::get_csrf();

    return sprintf('%s%s=%s', $delimitter, $token_key, $token);
}