/**
 * Gate for admin-only areas.
 *
 * Returns true when $init->user is logged in and its role equals ROLE_ADMIN or
 * ROLE_ADMIN_MODERATOR. In every other case a LOG_SECURITY entry is written,
 * the request is routed to the 'only-admin' error page and the script exits,
 * so the function never returns to the caller on denial.
 *
 * NOTE(review): the role is compared with loose `==`; whether `===` is safe
 * depends on the stored type of $user->role, which is not visible here.
 * NOTE(review): the log entry carries no user or request identifier, which
 * limits its value for triage. Confirm whether logWrite() adds that context.
 *
 * @param object $init application context exposing ->user (isLogged, role)
 * @return bool always true when it returns
 */
static function isAdminOrDie($init)
{
    $user = $init->user;

    // The role is inspected only for a logged-in user (short-circuit on isLogged).
    $allowed = $user->isLogged
        && ($user->role == ROLE_ADMIN || $user->role == ROLE_ADMIN_MODERATOR);

    if (!$allowed) {
        App::$instance->log->logWrite(LOG_SECURITY, "Restricted access: Try to enter admin only allowed zone");
        ST::routeToErrorPage('only-admin');
        // Fail closed: nothing after the gate may run for a denied request.
        exit;
    }

    return true;
}
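/**
 * Validate the one-time CSRF token submitted with the current request.
 *
 * The request value `csrf_token` is compared against every entry of
 * $_SESSION['token']. Each matching entry is removed from the session, so a
 * token is accepted once only.
 *
 * @return bool true when a stored token matched; on a mismatch the request is
 *              routed to the 'bad-token' error page and the script exits
 * @throws RuntimeException when the session holds no token list or the request
 *                          carries no csrf_token value
 */
static function checkToken()
{
    // Validation must actually run: an unconditional early `return true;` at
    // this point would leave every check below unreachable and accept any
    // state-changing request without a CSRF token.
    if (!isset($_SESSION['token'])) {
        throw new RuntimeException("Bad Token initialization");
    }

    // Read the submitted value once instead of rebuilding the Request per comparison.
    $submitted = Request::createFromGlobals()->get('csrf_token');
    if (is_null($submitted)) {
        throw new RuntimeException("Bad Token initialization");
    }

    $stored = is_array($_SESSION['token']) ? $_SESSION['token'] : [];
    $matched = false;

    // A non-string submission (e.g. an array parameter) can never match a token.
    if (is_string($submitted)) {
        foreach ($stored as $key => $token) {
            // hash_equals() compares in constant time, so response timing does
            // not reveal how much of a guessed token was correct.
            if (is_string($token) && hash_equals($token, $submitted)) {
                $matched = true;
                // Drop the token so it cannot be replayed.
                unset($_SESSION['token'][$key]);
            }
        }
    }

    if ($matched) {
        return true;
    }

    ST::routeToErrorPage('bad-token');
    // Terminate explicitly: a caller that ignores the return value must not
    // continue processing a request whose token failed validation.
    exit;
}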
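<?php
// Password-reset form template. $valid and $user are expected to be provided
// by the including controller (not visible in this excerpt).
//
// NOTE(review): the form posts to AuthNew/processResetPwd/<user id>. The handler
// is outside this excerpt; confirm that it re-validates the reset token on the
// server instead of trusting the id in the URL, and that the rest of the form
// carries a CSRF token field.
ST::deployTemplate('heads/ui_timepicker.inc');
$init = App::get_instance();
RenderEngine::MenuChanger();

if (!isset($valid) || !$valid) {
    ST::routeToErrorPage('500');
    // Stop rendering explicitly rather than relying on routeToErrorPage() to end
    // the request: the reset form must never be emitted for an invalid link.
    exit;
}
?>
<!--<script>-->
<!-- $(document).ready(function () {-->
<!-- requiredCapcha("#submit");-->
<!-- })-->
<!--</script>-->
<div class='container'>
    <div class=' col-md-offset-2 col-md-8 block-border-shadow'>
        <div class='col-md-offset-3 col-md-9'>
            <form class='form-horizontal' id="form1" method='post'
                  action="<?php echo ST::route("AuthNew/processResetPwd/" . $user->id); ?>">
                <div class='form-group'>
                    <?php // The login is user-chosen text: escape it for the HTML context before output. ?>
                    <h4>Введите новый пароль для учетной записи
                        <br><?php echo htmlspecialchars((string)$user->login, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>
                    </h4>
                    <hr>
                </div>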
/**
 * Derive the stack name for the current user.
 *
 * The name is the SHA-1 hex digest of the stack type, today's date (Y-m-d),
 * the current user's login and the application key, concatenated in that
 * order. Because the date has day granularity, the same user and stack type
 * yield the same name for the whole day.
 *
 * Auth::isLoggedOrDie() is called first; presumably it aborts the request for
 * anonymous visitors (its body is not visible here).
 *
 * NOTE(review): sha1(data . key) is a plain hash, not a keyed MAC. If the name
 * has to be unguessable or tamper-evident, hash_hmac() keyed with the app key
 * is the usual construction. Switching would change every derived name, so
 * confirm how the value is used before changing it.
 *
 * @param mixed $stackType stack type marker, defaults to STACK_SINGLE
 * @return string 40-character hex digest, or '' when an Exception was caught
 *                (the request is routed to the '500' error page in that case)
 */
public static function makeStackName($stackType = STACK_SINGLE)
{
    Auth::isLoggedOrDie(App::$instance);

    try {
        $today = date_create()->format("Y-m-d");
        $login = App::$instance->user->login;
        $appKey = App::$instance->main->appkey;

        return sha1($stackType . $today . $login . $appKey);
    } catch (Exception $e) {
        ST::routeToErrorPage('500');
    }

    // Reached only after a caught Exception, and only if routing did not end the request.
    return '';
}