public function init() { parent::init(); //Для более надежной защиты от XSS /*if(isset($_GET)) $_GET=$this->defenderXss($_GET, ["(", ")"]); if(isset($_COOKIE)) $_COOKIE=$this->defenderXss($_COOKIE, []); if(isset($_POST)) $_POST=$this->defenderXss($_POST, []); if(isset($_REQUEST)) $_REQUEST=$this->defenderXss($_REQUEST, []); */ }
/** * Init */ public function init() { parent::init(); // Get the path if (craft()->config->usePathInfo()) { $pathInfo = $this->getPathInfo(); $path = $pathInfo ? $pathInfo : $this->_getQueryStringPath(); } else { $queryString = $this->_getQueryStringPath(); $path = $queryString ? $queryString : $this->getPathInfo(); } // Sanitize $path = $this->decodePathInfo($path); // Get the path segments $this->_segments = array_filter(explode('/', $path)); // Is this a CP request? $this->_isCpRequest = $this->getSegment(1) == craft()->config->get('cpTrigger'); if ($this->_isCpRequest) { // Chop the CP trigger segment off of the path & segments array array_shift($this->_segments); } // Is this a paginated request? if ($this->_segments) { // Match against the entire path string as opposed to just the last segment // so that we can support "/page/2"-style pagination URLs $path = implode('/', $this->_segments); $pageTrigger = str_replace('/', '\\/', craft()->config->get('pageTrigger')); if (preg_match("/(.*)\\b{$pageTrigger}(\\d+)\$/", $path, $match)) { // Capture the page num $this->_pageNum = (int) $match[2]; // Sanitize $newPath = $this->decodePathInfo($match[1]); // Reset the segments without the pagination stuff $this->_segments = array_filter(explode('/', $newPath)); } } // Now that we've chopped off the admin/page segments, set the path $this->_path = implode('/', $this->_segments); $this->_checkRequestType(); }
public function init() { parent::init(); }
/** * Initializes the application component. * * @return null */ public function init() { // Is CSRF protection enabled? if (craft()->config->get('enableCsrfProtection') === true) { $this->enableCsrfValidation = true; // Grab the token name. $this->csrfTokenName = craft()->config->get('csrfTokenName'); } // Now initialize Yii's CHttpRequest. parent::init(); // There is no path. if (craft()->isConsole()) { $path = ''; } else { // Get the normalized path. $path = $this->getNormalizedPath(); } // Get the path segments $this->_segments = array_filter(explode('/', $path), function ($value) { // Explicitly check in case there is a 0 in a segment (i.e. foo/0 or foo/0/bar) return $value !== ''; }); // Is this a CP request? $this->_isCpRequest = $this->getSegment(1) == craft()->config->get('cpTrigger'); if ($this->_isCpRequest) { // Chop the CP trigger segment off of the path & segments array array_shift($this->_segments); } // Is this a paginated request? $pageTrigger = craft()->config->get('pageTrigger'); if (!is_string($pageTrigger) || !strlen($pageTrigger)) { $pageTrigger = 'p'; } // Is this query string-based pagination? if ($pageTrigger[0] === '?') { $pageTrigger = trim($pageTrigger, '?='); if ($pageTrigger === 'p') { // Avoid conflict with the main 'p' param $pageTrigger = 'pg'; } $this->_pageNum = (int) $this->getQuery($pageTrigger, '1'); } else { if ($this->_segments) { // Match against the entire path string as opposed to just the last segment so that we can support // "/page/2"-style pagination URLs $path = implode('/', $this->_segments); $pageTrigger = preg_quote(craft()->config->get('pageTrigger'), '/'); if (preg_match("/^(?:(.*)\\/)?{$pageTrigger}(\\d+)\$/", $path, $match)) { // Capture the page num $this->_pageNum = (int) $match[2]; // Sanitize $newPath = $this->decodePathInfo($match[1]); // Reset the segments without the pagination stuff $this->_segments = array_filter(explode('/', $newPath)); } } } // Now that we've chopped off the admin/page segments, set the path $this->_path = implode('/', $this->_segments); }
/** * Initializes the application component. * * @return null */ public function init() { // Is CSRF protection enabled? if (craft()->config->get('enableCsrfProtection') === true) { $this->enableCsrfValidation = true; // Grab the token name. $this->csrfTokenName = craft()->config->get('csrfTokenName'); } // Now initialize Yii's CHttpRequest. parent::init(); // There is no path. if (craft()->isConsole()) { $path = ''; } else { // Get the normalized path. $path = $this->getNormalizedPath(); } // Get the path segments $this->_segments = array_filter(explode('/', $path)); // Is this a CP request? $this->_isCpRequest = $this->getSegment(1) == craft()->config->get('cpTrigger'); if ($this->_isCpRequest) { // Chop the CP trigger segment off of the path & segments array array_shift($this->_segments); } // Is this a paginated request? if ($this->_segments) { // Match against the entire path string as opposed to just the last segment so that we can support // "/page/2"-style pagination URLs $path = implode('/', $this->_segments); $pageTrigger = preg_quote(craft()->config->get('pageTrigger'), '/'); if (preg_match("/^(?:(.*)\\/)?{$pageTrigger}(\\d+)\$/", $path, $match)) { // Capture the page num $this->_pageNum = (int) $match[2]; // Sanitize $newPath = $this->decodePathInfo($match[1]); // Reset the segments without the pagination stuff $this->_segments = array_filter(explode('/', $newPath)); } } // Now that we've chopped off the admin/page segments, set the path $this->_path = implode('/', $this->_segments); }
/** * Save default language */ public function init() { $this->_defaultLanguage = Yii::app()->language; parent::init(); }