/**
 * Verify a Cross Script Request Forgery token
 *
 * @return  boolean   verified ?
 */
function csrf_verify()
{
    Session::start();
    $s = @$_SESSION['csrf_token'];
    Session::write_close();
    if (!isset($_POST['csrf_token'])) {
        return false;
    }
    return $s === @$_POST['csrf_token'];
}
Exemplo n.º 2
0
/*
|--------------------------------------------------------------------------
| Special AJAX functions
|--------------------------------------------------------------------------
|
*/
if (isset($_POST['action'])) {
    switch ($_POST['action']) {
        case 'upgradegitpull':
            if (upgrade_is_git()) {
                $can_pull = upgrade_can_git_pull();
                if (!is_array($can_pull)) {
                    exec('git pull', $lines);
                    Session::start();
                    $_SESSION['upgradegitpullok'] = $lines;
                    Session::write_close();
                    echo json_encode(array('logs' => $lines));
                    die;
                } else {
                    echo json_encode(array('error' => __('GIT is no more availble, please refresh the page')));
                    die;
                }
            } else {
                echo json_encode(array('error' => __('GIT is no more availble, please refresh the page')));
                die;
            }
        default:
            die;
            break;
    }
}
 /**
  * Write the session array
  *
  * @param   array  $value  the array to store
  *
  * @return  void
  */
 private static function sessionWrite($value)
 {
     // Web
     if (isset($_SERVER['SERVER_PROTOCOL'])) {
         Session::start();
         $_SESSION['auth'] = $value;
         Session::write_close();
     } else {
         file_put_contents('_cli_fake_session', json_encode($value));
     }
 }