csrf_verify() 공개 메소드

CSRF Verify
public csrf_verify ( ) : CI_Security
리턴 CI_Security
예제 #1
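 /**
  * Verify Cross Site Request Forgery protection, except for controllers
  * listed in $this->ignored_controllers.
  *
  * The current route is read from the global router and compared, as
  * "module/controller", against the ignore list. A match skips the parent
  * check; every other request is delegated to parent::csrf_verify().
  *
  * Each entry in the ignore list removes CSRF protection from every action
  * of that controller, so the list should stay short and be limited to
  * endpoints that authenticate requests by other means.
  *
  * @return object Returns $this (or the parent's return value) to allow method chaining
  */
 public function csrf_verify()
 {
     global $RTR;

     // The key always contains the slash, so a controller that lives outside
     // any module is looked up as "/controller".
     $route = $RTR->fetch_module() . '/' . $RTR->fetch_class();

     // Strict comparison: a non-string entry such as TRUE or 0 in the list
     // must not loosely match every route and switch verification off.
     if (in_array($route, $this->ignored_controllers, TRUE)) {
         return $this;
     }

     // Hand back the parent's result so the override keeps the chaining
     // contract of the method it replaces.
     return parent::csrf_verify();
 }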
예제 #2
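 /**
  * Verify Cross Site Request Forgery Protection
  *
  * Override of csrf_verify() that skips the check for routes listed in
  * $this->ignored_controllers. Entries are "module/controller", or just
  * "controller" when the router reports no module.
  *
  * A listed controller loses CSRF protection for all of its actions, so
  * only endpoints that verify the request's origin another way belong in
  * the list.
  *
  * @return object   Returns $this to allow method chaining
  */
 public function csrf_verify()
 {
     // With an empty list nothing can be exempt, so the router is not consulted.
     if (!empty($this->ignored_controllers)) {
         global $RTR;
         $module = $RTR->fetch_module();
         $controller = $RTR->fetch_class();
         $path = empty($module) ? $controller : "{$module}/{$controller}";

         // Strict comparison keeps a stray non-string entry (TRUE, 0) from
         // loosely matching every path and disabling the check site-wide.
         if (in_array($path, $this->ignored_controllers, TRUE)) {
             return $this;
         }
     }

     return parent::csrf_verify();
 }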
예제 #3
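 /**
  * Verify CSRF protection for every request except those whose first path
  * segment is exactly "home".
  *
  * The exemption is fail-closed: when REDIRECT_QUERY_STRING is missing, the
  * request is verified by the parent like any other. Skipping the check in
  * that case would leave every request that arrives without the variable
  * unprotected.
  *
  * NOTE(review): the segment is read from a request-derived server variable
  * rather than from the router. Confirm that the rewrite rules cannot send a
  * request whose first segment is "home" to a different controller.
  *
  * @return object Returns $this (or the parent's return value) to allow method chaining
  */
 public function csrf_verify()
 {
     if (isset($_SERVER['REDIRECT_QUERY_STRING'])) {
         $path_segments = explode('/', $_SERVER['REDIRECT_QUERY_STRING']);

         // explode() always yields at least one element, so index 0 exists.
         // Identity comparison avoids any type juggling on request data.
         if ($path_segments[0] === 'home') {
             return $this;
         }
     }

     return parent::csrf_verify();
 }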
예제 #4
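 /**
  * Verify Cross Site Request Forgery Protection.
  *
  * Override of csrf_verify() that skips the check for routes listed in
  * $this->ignored_controllers and logs every skip. Entries are
  * "module/controller", or just "controller" when the router reports no
  * module.
  *
  * A listed controller loses CSRF protection for all of its actions; the
  * log line is the only trace that a request went through unverified.
  *
  * @return object Returns $this to allow method chaining.
  */
 public function csrf_verify()
 {
     // With an empty list nothing can be exempt, so the router is not consulted.
     if (!empty($this->ignored_controllers)) {
         global $RTR;
         $module = $RTR->fetch_module();
         $controller = $RTR->class;
         $path = empty($module) ? $controller : "{$module}/{$controller}";

         // Strict comparison keeps a stray non-string entry (TRUE, 0) from
         // loosely matching every path and disabling the check site-wide.
         if (in_array($path, $this->ignored_controllers, TRUE)) {
             // Written at 'info' level, so it is only recorded when the
             // configured log threshold includes that level.
             log_message('info', "CSRF verification skipped for '{$path}'");
             return $this;
         }
     }

     return parent::csrf_verify();
 }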
예제 #5
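 /**
  * Verify CSRF protection unless the current URI matches one of the regular
  * expressions in the 'csrf_excludes' config item.
  *
  * A missing or non-array 'csrf_excludes' value means "no exclusions": the
  * request is verified by the parent. An exclusion pattern that fails to
  * compile does not match, so it cannot exempt anything.
  *
  * NOTE(review): the patterns are applied with preg_match(), so a pattern
  * without ^ and $ anchors matches anywhere in the URI string and can exempt
  * more routes than intended. Check the configured patterns.
  *
  * @return object Returns $this (or the parent's return value) to allow method chaining
  */
 public function csrf_verify()
 {
     $excludes = config_item('csrf_excludes');

     if (is_array($excludes) && !empty($excludes)) {
         // The URI is the same for every pattern, so resolve it once.
         $uri = load_class('URI', 'core');
         $uri_string = $uri->uri_string();

         foreach ($excludes as $exclude) {
             if (preg_match($exclude, $uri_string) > 0) {
                 // still do input filtering to prevent parameter piggybacking in the form
                 $cookie_name = $this->_csrf_cookie_name;

                 // Drop the cookie unless it is a string of exactly 32 hex
                 // characters; array-valued cookies and regex failures are
                 // discarded as well.
                 if (isset($_COOKIE[$cookie_name])
                     && (!is_string($_COOKIE[$cookie_name])
                         || preg_match('#^[0-9a-f]{32}$#iS', $_COOKIE[$cookie_name]) !== 1)
                 ) {
                     unset($_COOKIE[$cookie_name]);
                 }

                 return $this;
             }
         }
     }

     return parent::csrf_verify();
 }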
예제 #6
 /**
  * Class constructor
  *
  * Reads the 'csrf_protection' config item, loads the core Security class
  * and, when protection is enabled and the request is not a CLI call, runs
  * CSRF verification before logging that the class is initialized.
  *
  * @return	void
  */
 public function __construct()
 {
     // Only a boolean TRUE switches the check on; any other configured
     // value (for example the string 'true' or the integer 1) leaves it off.
     $csrf_enabled = (config_item('csrf_protection') === TRUE);
     $this->_enable_csrf = $csrf_enabled;

     // Keep the reference assignment so the property aliases the instance
     // returned by load_class().
     $this->security =& load_class('Security', 'core');

     // CSRF Protection check; is_cli() is only consulted when protection is enabled.
     $should_verify = $csrf_enabled && !is_cli();
     if ($should_verify) {
         $this->security->csrf_verify();
     }

     log_message('info', 'Input Class Initialized');
 }