/**
 * Initialise the login flow and return the encryption key.
 *
 * Responds with JSON carrying the public key ('pKey') and the session CSRF
 * token ('a'). The 'callback' request input is handed to setCallback(), so
 * the body is wrapped as JSONP whenever a callback name is supplied.
 *
 * NOTE(review): a JSONP response can be loaded through a script tag from
 * any origin; if the session cookie accompanies such a request, the
 * embedding page can read the CSRF token. Confirm JSONP is really needed
 * here, or drop the callback and serve this endpoint same-origin.
 *
 * @param App\Services\Login\Process $loginProcess core login handler
 * @access public
 */
public function getPrelogin(LoginProcess $loginProcess)
{
    $key = $loginProcess->getProcess()->setPublicKey();
    $jsonpCallback = Request::input('callback');

    $payload = [
        'pKey' => $key,
        'a' => csrf_token(),
    ];

    return response()->json($payload)->setCallback($jsonpCallback);
}
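/**
 * Build tree grid scripts.
 *
 * Stores in $this->script the jQuery snippet that initialises the nestable
 * tree and wires up the delete, save and refresh controls.
 *
 * @return void
 */
protected function buildupScript()
{
    // Emit the translated prompt as a JavaScript string literal. Encoding it
    // (quotes, backslashes, line breaks, angle brackets) keeps a translation
    // from terminating the literal early and altering the generated script.
    $confirm = json_encode(
        trans('admin::lang.delete_confirm'),
        JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP
    );
    if ($confirm === false) {
        // json_encode() fails on invalid UTF-8; fall back to an empty prompt.
        $confirm = '""';
    }

    $token = csrf_token();

    // NOTE(review): the save handler below submits the reordered tree with
    // $.get and without the CSRF token, while delete uses $.post with it.
    // If the server persists '_tree' on that GET, the change is not covered
    // by token verification; switching it needs a matching route change.
    $this->script = <<<SCRIPT
\$('#{$this->elementId}').nestable({});

\$('._delete').click(function() {
    var id = \$(this).data('id');
    if(confirm({$confirm})) {
        \$.post('/{$this->path}/' + id, {_method:'delete','_token':'{$token}'}, function(data){
            \$.pjax.reload('#pjax-container');
        });
    }
});

\$('.{$this->elementId}-save').click(function () {
    var serialize = \$('#{$this->elementId}').nestable('serialize');
    \$.get('/{$this->path}', {'_tree':JSON.stringify(serialize)}, function(data){
        \$.pjax.reload('#pjax-container');
    });
});

\$('.{$this->elementId}-refresh').click(function () {
    \$.pjax.reload('#pjax-container');
});
SCRIPT;
}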
/**
 * Returns the initial HTML view for the admin interface.
 *
 * Checks the 'admin' ability unless config 'shop.authorize' is disabled,
 * collects the CSS URLs listed in the ExtJS JSB2 manifests and passes the
 * JSON-encoded bootstrap data to the 'shop::admin.extadm-index' view.
 *
 * @param \Illuminate\Http\Request $request Laravel request object
 * @return \Illuminate\Contracts\View\View View for rendering the output
 */
public function indexAction(Request $request)
{
    if (config('shop.authorize', true)) {
        $this->authorize('admin');
    }

    $siteCode = Route::input('site', 'default');
    $langId = Input::get('lang', config('app.locale', 'en'));

    $aimeos = app('\\Aimeos\\Shop\\Base\\Aimeos')->get();
    $controllerPaths = $aimeos->getCustomPaths('controller/extjs');

    $context = $this->setLocale(app('\\Aimeos\\Shop\\Base\\Context')->get(false), $siteCode, $langId);
    $jsonRpc = new \Aimeos\Controller\ExtJS\JsonRpc($context, $controllerPaths);

    // Gather the stylesheet URLs of every configured JSB2 manifest.
    $styleSheets = [];
    foreach ($aimeos->getCustomPaths('admin/extjs') as $baseDir => $relPaths) {
        foreach ($relPaths as $relPath) {
            $manifest = $baseDir . '/' . $relPath;

            if (!is_file($manifest)) {
                throw new \Exception(sprintf('JSB2 file "%1$s" not found', $manifest));
            }

            $jsb2 = new \Aimeos\MW\Jsb2\Standard($manifest, dirname($relPath));
            $styleSheets = array_merge($styleSheets, $jsb2->getUrls('css'));
        }
    }

    $jqadmUrl = route('aimeos_shop_jqadm_search', ['site' => $siteCode, 'resource' => 'product']);

    // NOTE(review): the CSRF token is placed in the query string of the JSON
    // endpoint URL. Query strings commonly end up in access logs and Referer
    // headers; confirm that exposure is acceptable for this token.
    $jsonUrl = route('aimeos_shop_extadm_json', ['site' => $siteCode, '_token' => csrf_token()]);

    // Placeholders are generated as <name> and rewritten to {name} below.
    $adminUrl = route('aimeos_shop_extadm', ['site' => '<site>', 'lang' => '<lang>', 'tab' => '<tab>']);

    return View::make('shop::admin.extadm-index', [
        'lang' => $langId,
        'cssFiles' => $styleSheets,
        'languages' => $this->getJsonLanguages($context),
        'config' => $this->getJsonClientConfig($context),
        'site' => $this->getJsonSiteItem($context, $siteCode),
        'i18nContent' => $this->getJsonClientI18n($aimeos->getI18nPaths(), $langId),
        'searchSchemas' => $jsonRpc->getJsonSearchSchemas(),
        'itemSchemas' => $jsonRpc->getJsonItemSchemas(),
        'smd' => $jsonRpc->getJsonSmd($jsonUrl),
        'urlTemplate' => str_replace(['<', '>'], ['{', '}'], urldecode($adminUrl)),
        'uploaddir' => config('shop::uploaddir'),
        // NOTE(review): 'lang' and 'tab' are request input handed to the view
        // as-is; the template must escape them for the context they land in.
        'activeTab' => Input::get('tab', 0),
        'version' => $this->getVersion(),
        'jqadmurl' => $jqadmUrl,
    ]);
}
/**
 * Echo two hidden form fields: a generated form name ('csrf_name') and the
 * token that csrf_token() returns for that name ('csrf_token').
 *
 * NOTE(review): the name is derived from rand()/uniqid(), which are not
 * cryptographically secure. That matters only if the name itself is meant
 * to be unpredictable; the strength of the token depends on csrf_token(),
 * which is defined elsewhere. Both values are written into the attributes
 * unescaped, so csrf_token() must never return quote characters.
 *
 * @return void
 */
function csrf_inject()
{
    $fieldName = md5(uniqid(rand(), true));
    $fieldToken = csrf_token($fieldName);

    echo "<input type='hidden' name='csrf_name' value='{$fieldName}'>",
         "<input type='hidden' name='csrf_token' value='{$fieldToken}'>";
}
/**
 * Creating a reservation stores it, sends one SMS to the property owner
 * through the (mocked) Twilio client and redirects to the property page.
 */
function testCreate()
{
    // Given: a logged-in owner with one vacation property and no reservations
    $this->startSession();

    $owner = new User([
        'name' => 'Captain Kirk',
        'email' => '*****@*****.**',
        'password' => 'strongpassword',
        'country_code' => '1',
        'phone_number' => '5558180101',
    ]);
    $owner->save();
    $this->be($owner);

    $property = new VacationProperty([
        'description' => 'Some description',
        'image_url' => 'http://www.someimage.com',
    ]);
    $owner->properties()->save($property);

    $this->assertCount(0, Reservation::all());

    // The Twilio client is replaced so that no real message leaves the test.
    $twilio = Mockery::mock(Client::class)->makePartial();
    $messages = Mockery::mock();
    $twilio->messages = $messages;

    $sender = config('services.twilio')['number'];
    $expectedSms = [
        'from' => $sender,
        'body' => 'Some reservation message - Reply \'yes\' or \'accept\' to confirm the reservation, or anything else to reject it.',
    ];
    $messages->shouldReceive('create')->with($owner->fullNumber(), $expectedSms)->once();

    $this->app->instance(Client::class, $twilio);

    // When: the reservation form is posted together with the CSRF token
    $form = ['message' => 'Some reservation message', '_token' => csrf_token()];
    $response = $this->call('POST', route('reservation-create', ['id' => $property->id]), $form);

    // Then
    $this->assertCount(1, Reservation::all());

    $stored = Reservation::first();
    $this->assertEquals($stored->message, 'Some reservation message');

    $this->assertRedirectedToRoute('property-show', ['id' => $property->id]);
    $this->assertSessionHas('status');

    $flash = $this->app['session']->get('status');
    $this->assertEquals($flash, "Sending your reservation request now.");
}
/**
 * A super admin can delete a role that was created through the UI.
 *
 * @test
 */
public function it_deletes_an_role()
{
    $this->prepare();

    // Create the role through the form first.
    $this->actingAs($this->superAdminUser)
        ->visit('genealabs/laravel-governor/roles/create')
        ->type('TestRole', 'name')
        ->type('This is a description for test users role.', 'description')
        ->press('Add Role')
        ->see('TestRole');

    // Delete it again; the request carries the session CSRF token.
    $this->actingAs($this->superAdminUser)
        ->delete('genealabs/laravel-governor/roles/TestRole', ['_token' => csrf_token()]);

    $remaining = Role::where('name', 'TestRole')->get();
    $this->assertCount(0, $remaining);
}
/**
 * Run the parent constructor, pass the session CSRF token to
 * setJavascriptData() under the key 'csrfToken', then set up the icon menu
 * and the right menu.
 */
public function __construct()
{
    parent::__construct();

    $csrfToken = csrf_token();
    $this->setJavascriptData('csrfToken', $csrfToken);

    $this->setIconMenu();
    $this->setRightMenu();
}
/**
 * Open the project index, post an export request and expect HTTP 200.
 *
 * The posted fields default to the CSRF token plus empty 'keyword',
 * 'assignto' and 'tags'; entries in $params are merged over those defaults
 * (so a caller can also replace '_token').
 *
 * @param FunctionalTester $I
 * @param Project          $project
 * @param array            $params
 *
 * @return void
 */
protected function _exportIssues(FunctionalTester $I, Project $project, array $params)
{
    $routeArgs = ['project' => $project];
    $I->amOnAction('ProjectController@getIndex', $routeArgs);

    $exportUrl = $I->getApplication()->url->action('ProjectController@postExportIssues', $routeArgs);

    $defaults = [
        '_token' => csrf_token(),
        'keyword' => '',
        'assignto' => '',
        'tags' => '',
    ];
    $I->sendAjaxPostRequest($exportUrl, array_merge($defaults, $params));

    $I->seeResponseCodeIs(200);
}
/**
 * Walk through the client routes and pin the status code of each request.
 *
 * Every POST sent without '_token' is expected to answer 500, presumably
 * because the CSRF check rejects it (confirm against the middleware setup).
 * A POST with the token but incomplete fields answers 302, and one with the
 * token and a full record answers 200.
 */
public function testRequests()
{
    $client = factory(Client::class)->create();

    // Field sets reused below; the token is added per request, never cached.
    $fullRecord = ['name' => 'Ruiz', 'birth' => '1992-07-08', 'address' => 'bairro centro', 'phone' => '55 42 9916-1669'];
    $nameOnly = ['name' => 'Ruiz'];
    $updateUrl = '/clients/update/' . $client->id;

    // Read-only pages
    $pages = [
        '/clients/' => 404,
        '/clients/new' => 200,
        '/clients/list' => 200,
        '/clients/edit/' . $client->id => 200,
    ];
    foreach ($pages as $uri => $expected) {
        $this->assertEquals($expected, $this->call('GET', $uri)->status());
    }

    // Store
    $this->assertEquals(500, $this->call('POST', '/clients/store', $fullRecord)->status());
    $this->assertEquals(302, $this->call('POST', '/clients/store', ['_token' => csrf_token()] + $nameOnly)->status());
    $this->assertEquals(200, $this->call('POST', '/clients/store', ['_token' => csrf_token()] + $fullRecord)->status());

    // Update
    $this->assertEquals(500, $this->call('POST', $updateUrl, $fullRecord)->status());
    $this->assertEquals(302, $this->call('POST', $updateUrl, ['_token' => csrf_token()] + $nameOnly)->status());

    $changed = ['_token' => csrf_token(), 'name' => 'Brizola', 'birth' => '1992-07-08', 'address' => 'bairro centro', 'phone' => '4230353333'];
    $this->assertEquals(200, $this->call('POST', $updateUrl, $changed)->status());

    // Delete
    $this->assertEquals(500, $this->call('POST', '/clients/delete/')->status());
    $this->assertEquals(200, $this->call('POST', '/clients/delete/' . $client->id, ['_token' => csrf_token()])->status());
}
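/**
 * Return Unitkerja rows (with their 'skpd' relation) for a data grid.
 *
 * With a 'filter_skdp_id' request value the rows of that SKPD are returned
 * unpaged. Otherwise 'page' and 'rows' select a window, and the total row
 * count of 'unit_kerja' is included. Every response also carries the
 * session CSRF token under 'token'.
 *
 * NOTE(review): the parameter is spelled 'filter_skdp_id' (not 'skpd');
 * kept as-is because clients send that name. Confirm it is intended.
 * NOTE(review): 'rows' has no upper bound, so one request can ask for the
 * whole table; consider capping it once the grid's page sizes are known.
 *
 * @param Request $req incoming request
 * @return array 'rows' and 'token', plus 'total' for the unfiltered listing
 */
public function anyData(Request $req)
{
    $query = Unitkerja::with('skpd');

    $skpdFilter = $req->get('filter_skdp_id');
    if ($skpdFilter) {
        // The value is bound by the query builder, not concatenated into SQL.
        $filtered = $query->where('skpd_id', '=', $skpdFilter)->get();

        return [
            'rows' => $this->show_relasi_kolom($filtered),
            'token' => csrf_token(),
        ];
    }

    // Paging values come straight from the request: force them to integers
    // and into a sane range before doing arithmetic on them, so non-numeric
    // or negative input cannot produce warnings or a negative offset.
    $perPage = max(0, (int) $req->get('rows'));
    $page = max(1, (int) $req->get('page'));

    if ($perPage > 0) {
        // Page 1 starts at offset 0; page N starts at (N - 1) * rows.
        $query->skip(($page - 1) * $perPage)->take($perPage);
    }

    $rows = $this->show_relasi_kolom($query->get());

    return [
        'total' => \DB::table('unit_kerja')->count(),
        'rows' => $rows,
        'token' => csrf_token(),
    ];
}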
/**
 * Obtain a token from csrf_token() and record it in the session.
 *
 * The token is stored under 'csrf_token' . $id and the current Unix time
 * under 'csrf_token_time' . $id; any earlier value for the same $id is
 * overwritten.
 *
 * NOTE(review): the stored timestamp suggests tokens are meant to expire,
 * but the check that enforces it is not in this function.
 *
 * @param string $id optional suffix separating several tokens per session
 * @return string the token that was stored
 */
function create_csrf_token($id = "")
{
    $issued = csrf_token();

    $_SESSION["csrf_token{$id}"] = $issued;
    $_SESSION["csrf_token_time{$id}"] = time();

    return $issued;
}
/**
 * Posting a comment for a log id that does not exist (1234) ends on the
 * home page after following redirects.
 *
 * @test
 */
public function should_redirect_to_home_page_when_not_found_a_log()
{
    $this->be(factory(App\User::class)->create());

    $comment = [
        '_token' => csrf_token(),
        'log_id' => 1234,
        'body' => 'A comment.',
    ];
    $this->post('comments', $comment);

    $this->followRedirects()->seePageIs('/');
}
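/**
 * Render a front-end page in WYSIWYG mode.
 *
 * Registers the page, its widget collection and its block handler in the
 * container, renders the page layout and inserts the system-blocks view
 * immediately before the first closing body tag of the rendered HTML.
 *
 * @param int $id page id
 *
 * @return string rendered HTML, or a translated message when the page has
 *                no layout
 */
public function getPageWysiwyg($id)
{
    $frontendPage = $this->getPage($id);
    $this->templateScripts['PAGE'] = $frontendPage;

    // NOTE(review): 'name' occurs twice in this literal, so PHP keeps only
    // the later value: the array passed on is name=csrf-token, data-id=$id,
    // content=<token>, and 'page-id' is lost. If two separate meta tags were
    // intended, this needs two addMeta() calls. Confirm with the Meta API.
    Meta::addMeta(['name' => 'page-id', 'data-id' => $id, 'name' => 'csrf-token', 'content' => csrf_token()])
        ->loadPackage(['page-wysiwyg'], true)
        ->addToGroup('site-url', '<script type="text/javascript">' . $this->getTemplateScriptsAsString() . '</script>');

    app()->singleton('frontpage', function () use ($frontendPage) {
        return $frontendPage;
    });

    app()->singleton('layout.widgets', function ($app) use ($frontendPage) {
        return new PageWidgetCollection($app['widget.manager'], $frontendPage->getId());
    });

    app()->singleton('layout.block', function () use ($frontendPage) {
        return new BlockWysiwyg(app('layout.widgets'), $frontendPage);
    });

    if (is_null($layout = $frontendPage->getLayoutView())) {
        return trans('pages::core.messages.layout_not_set');
    }

    $html = $layout->with('page', $frontendPage)->render();
    $injectHTML = view('pages::pages.wysiwyg.system_blocks');

    // Insert before the first </body> only. The earlier split-and-rejoin
    // read a third segment that does not exist when nothing follows the
    // tag, and dropped everything after a second </body>. A callback is used
    // so '$' or '\' in the injected HTML is not read as a back-reference.
    $patched = preg_replace_callback(
        '/<\\/body>/i',
        function ($match) use ($injectHTML) {
            return $injectHTML->render() . $match[0];
        },
        $html,
        1
    );

    // preg_replace_callback() returns null on a PCRE error; keep the
    // unmodified layout output in that case.
    return is_string($patched) ? $patched : $html;
}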
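/**
 * Request GitHub access
 *
 * Redirects the browser to GitHub's OAuth authorisation page with this
 * application's client id, the HTTPS callback URL, the requested scopes
 * and a state value.
 *
 * NOTE(review): 'state' reuses the session CSRF token, which therefore
 * leaves the application inside a URL. A dedicated single-use random value
 * kept in the session would separate the two secrets. The comparison of the
 * returned state happens in the callback handler, which is not shown here.
 *
 * @param string $scope A comma separated list of scopes
 *
 * @return \Illuminate\Http\RedirectResponse
 */
public function requestGithubAccess($scope)
{
    // Build the query with proper URL encoding: concatenating the raw values
    // lets a '&', '#' or '=' inside $scope or the callback URL add or
    // override parameters of the authorisation request.
    $query = http_build_query(
        [
            'client_id' => $this->config['client_id'],
            'redirect_uri' => secure_url('/getaccesstoken'),
            'scope' => $scope,
            'state' => csrf_token(),
        ],
        '',
        '&' // explicit separator, independent of arg_separator.output
    );

    return Redirect::to('https://github.com/login/oauth/authorize?' . $query);
}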
/**
 * csrf_token() returns whatever the application's session service hands out
 * from getToken(), which must be called exactly once.
 */
public function testCsrfToken()
{
    $app = new Application();
    set_app($app);

    $app['session'] = $this->getMock('Illuminate\\Session\\TokenProvider');
    $app['session']
        ->expects($this->once())
        ->method('getToken')
        ->will($this->returnValue('foo'));

    $token = csrf_token();

    $this->assertEquals('foo', $token);
}
/**
 * Creates the view object for the HTML client.
 *
 * Registers the translate, url, param, config, number, request and csrf
 * helpers on a new view. Request parameters and fixed URL parameters are
 * only collected when a locale is given; without one a no-op translation
 * is used and both stay empty.
 *
 * @param \Aimeos\MW\Config\Iface $config Configuration object
 * @param array $templatePaths List of base path names with relative template paths as key/value pairs
 * @param string|null $locale Code of the current language or null for no translation
 * @return \Aimeos\MW\View\Iface View object
 */
public function create(\Aimeos\MW\Config\Iface $config, array $templatePaths, $locale = null)
{
    $params = [];
    $fixed = [];

    if ($locale === null) {
        $translation = new \Aimeos\MW\Translation\None('en');
    } else {
        // Route parameters win over request input with the same name.
        $params = Route::current()->parameters() + Input::all();
        $fixed = $this->getFixedParams();

        $catalogues = app('\\Aimeos\\Shop\\Base\\I18n')->get([$locale]);
        $translation = $catalogues[$locale];
    }

    $view = new \Aimeos\MW\View\Standard($templatePaths);

    $view->addHelper('translate', new \Aimeos\MW\View\Helper\Translate\Standard($view, $translation));
    $view->addHelper('url', new \Aimeos\MW\View\Helper\Url\Laravel5($view, app('url'), $fixed));
    $view->addHelper('param', new \Aimeos\MW\View\Helper\Param\Standard($view, $params));
    $view->addHelper('config', new \Aimeos\MW\View\Helper\Config\Standard($view, $config));

    $decimalSep = $config->get('client/html/common/format/seperatorDecimal', '.');
    $thousandSep = $config->get('client/html/common/format/seperator1000', ' ');
    $view->addHelper('number', new \Aimeos\MW\View\Helper\Number\Standard($view, $decimalSep, $thousandSep));

    $view->addHelper('request', new \Aimeos\MW\View\Helper\Request\Laravel5($view, Request::instance()));

    // The csrf helper receives the field name '_token' and the session token.
    $view->addHelper('csrf', new \Aimeos\MW\View\Helper\Csrf\Standard($view, '_token', csrf_token()));

    return $view;
}
/**
 * Return the Laravel CSRF token when no $intention is given; otherwise
 * defer to the parent implementation with that intention.
 *
 * {@inheritdoc}
 */
public function renderCsrfToken($intention = null)
{
    return $intention === null
        ? csrf_token()
        : parent::renderCsrfToken($intention);
}
/**
 * Build the hidden form field that carries the CSRF token.
 *
 * The field name comes from the global $csrf_protection_name; when the
 * global $csrf_protection_xhtml is truthy the tag is self-closed (' /').
 *
 * NOTE(review): name and token are placed in the attributes unescaped, so
 * neither may contain a double quote. Confirm against csrf_token() and the
 * place where $csrf_protection_name is configured.
 *
 * @return string the <input> element followed by a newline
 */
function csrf_form_input()
{
    global $csrf_protection_name, $csrf_protection_xhtml;

    $token = csrf_token();

    $selfClose = '';
    if ($csrf_protection_xhtml) {
        $selfClose = ' /';
    }

    return '<input type="hidden" name="' . $csrf_protection_name . '" value="' . $token . '"' . $selfClose . ">\n";
}
/**
 * Posting HTML that contains a comment to 'process' succeeds.
 *
 * NOTE(review): withoutMiddleware() is chained onto the result of post(),
 * i.e. after the request has been sent, so it does not affect that request.
 * NOTE(review): assertJson() is given a literal string rather than the
 * response body; confirm it checks what the test intends.
 */
public function testMinification()
{
    Session::start();

    $payload = [
        'html' => '<p><!--This is a comment--></p>',
        '_token' => csrf_token(),
    ];
    $this->post('process', $payload)->withoutMiddleware();

    $this->assertResponseOk();
    $this->assertJson('{"html": "<p></p>"}');
}
/**
 * Return the CSRF nonce value stored in the session for the current URI.
 *
 * The value lives under "CSRF_NONCE_VALUE_" followed by
 * $_SERVER["REQUEST_URI"]. When no value is stored yet, csrf_token() is
 * called with the same arguments first; it is expected to populate the
 * session entry (defined elsewhere, not verified here).
 *
 * NOTE(review): the session key embeds the raw request URI, which is
 * client-controlled, so every distinct URI requested creates another
 * session entry.
 *
 * @param int    $varlen         length of the input field name to generate
 * @param string $str_to_shuffer characters used to generate the field name
 * @return string the token
 */
function csrf_value($varlen = 6, $str_to_shuffer = "abcdefghijklmnopqrstuvwxyz0123456789_")
{
    $sessionKey = "CSRF_NONCE_VALUE_{$_SERVER["REQUEST_URI"]}";

    if (!isset($_SESSION[$sessionKey])) {
        csrf_token($varlen, $str_to_shuffer);
    }

    return $_SESSION[$sessionKey];
}
/**
 * Render the lobby view for user $id.
 *
 * The view receives the user's record ('userInfo'), all user records
 * ('users'), the Redis hashes of the other online users ('onlineUsers')
 * and an encrypted copy of the CSRF token.
 *
 * TODO (original author): login should set keys for online users in one
 * shared list instead of creating a new list.
 *
 * NOTE(review): $id is used as given; no check is visible here that it
 * belongs to the authenticated user. Confirm where that is enforced.
 */
public function show($id)
{
    $redis = Redis::connection();

    // The fields of the "onlineUsers" hash name the users that are online;
    // the entry of the requesting user ("user" . $id) is left out.
    $ownKey = "user" . $id;
    $onlineUsers = array();
    foreach ($redis->hkeys("onlineUsers") as $userKey) {
        if (strcmp($userKey, $ownKey) == 0) {
            continue;
        }
        $onlineUsers[] = (object) $redis->hgetall($userKey);
    }

    // User records come from the relational database.
    $userInfo = User::find($id);
    $users = User::all();

    $encryptedToken = Crypt::encrypt(csrf_token());

    return view('Lobby.Lobby', compact('userInfo', 'onlineUsers', 'users'))
        ->withEncryptedCsrfToken($encryptedToken);
}
/**
 * Return the session CSRF token as JSON: {"token": ..., "success": true}.
 *
 * NOTE(review): this endpoint hands the token to whoever can read the
 * response. It must stay same-origin (no permissive CORS policy on this
 * route), otherwise the token no longer protects the session.
 */
public function getToken()
{
    $body = (object) [
        'token' => csrf_token(),
        'success' => true,
    ];

    return response()->json($body);
}
/**
 * Returns the initial HTML view for the admin interface.
 *
 * Collects the CSS and JS URLs listed in the ExtJS JSB2 manifests and
 * passes them, together with the JSON-encoded bootstrap data, to the
 * 'shop::admin.index' view.
 *
 * @return Response Response object containing the generated output
 */
public function indexAction()
{
    $siteCode = \Input::get('site', 'default');
    $langId = \Input::get('lang', 'en');

    $aimeos = app('\\Aimeos\\Shop\\Base\\Aimeos')->get();
    $controllerPaths = $aimeos->getCustomPaths('controller/extjs');

    $context = $this->setLocale(app('\\Aimeos\\Shop\\Base\\Context')->get(false), $siteCode, $langId);
    $jsonRpc = new \Controller_ExtJS_JsonRpc($context, $controllerPaths);

    // Gather stylesheet and script URLs of every configured JSB2 manifest.
    $cssFiles = array();
    $jsFiles = array();
    foreach ($aimeos->getCustomPaths('client/extjs') as $baseDir => $relPaths) {
        foreach ($relPaths as $relPath) {
            $manifest = $baseDir . '/' . $relPath;

            if (!is_file($manifest)) {
                throw new Exception(sprintf('JSB2 file "%1$s" not found', $manifest));
            }

            $jsb2 = new \MW_Jsb2_Default($manifest, dirname($relPath));
            $cssFiles = array_merge($cssFiles, $jsb2->getUrls('css'));
            $jsFiles = array_merge($jsFiles, $jsb2->getUrls('js'));
        }
    }

    $adminUrl = route('aimeos_shop_admin', array('site' => '{site}', 'lang' => '{lang}', 'tab' => '{tab}'));

    // NOTE(review): the CSRF token is placed in the query string of the JSON
    // endpoint URL. Query strings commonly end up in access logs and Referer
    // headers; confirm that exposure is acceptable for this token.
    $jsonUrl = route('aimeos_shop_admin_json', array('_token' => csrf_token()));

    return \View::make('shop::admin.index', array(
        'lang' => $langId,
        'jsFiles' => $jsFiles,
        'cssFiles' => $cssFiles,
        'languages' => $this->getJsonLanguages($context),
        'config' => $this->getJsonClientConfig($context),
        'site' => $this->getJsonSiteItem($context, $siteCode),
        'i18nContent' => $this->getJsonClientI18n($aimeos->getI18nPaths(), $langId),
        'searchSchemas' => $jsonRpc->getJsonSearchSchemas(),
        'itemSchemas' => $jsonRpc->getJsonItemSchemas(),
        'smd' => $jsonRpc->getJsonSmd($jsonUrl),
        'urlTemplate' => urldecode($adminUrl),
        'uploaddir' => \Config::get('shop::uploaddir'),
        // NOTE(review): 'lang' and 'tab' are request input handed to the view
        // as-is; the template must escape them for the context they land in.
        'activeTab' => \Input::get('tab', 0),
        'version' => $this->getVersion(),
    ));
}
/**
 * Datatables source for the groups listing.
 *
 * Each row gets an 'actions' column with three permslink() links (edit
 * permissions, edit, delete); the delete link carries the CSRF token in a
 * data-token attribute. The 'id' column is removed from the output.
 *
 * NOTE(review): escaping of the link attributes depends on permslink(),
 * which is defined elsewhere.
 */
public function getIndex()
{
    $query = Groups::select(['id', 'name'])->live()->orderBy('id', 'DESC');

    $renderActions = function ($row) {
        $links = [
            permslink('settings/groups/data/perms/' . $row->id . '/edit', trans('app.edit_perms'), ['class' => 'btn btn-xs btn-warning']),
            permslink('settings/groups/' . $row->id . '/edit', trans('app.edit'), ['class' => "btn btn-xs btn-default"]),
            permslink('settings/groups/' . $row->id, trans('app.delete'), ['class' => "del-item btn btn-xs btn-danger", 'data-token' => csrf_token()]),
        ];

        return implode(" ", $links);
    };

    return Datatables::of($query)
        ->add_column('actions', $renderActions)
        ->removeColumn('id')
        ->make();
}
/**
 * Display the input form.
 *
 * Encrypts the session CSRF token with the application's Encrypter and
 * passes the result to the 'content' view as 'token'.
 *
 * @return mixed the result of View::make()
 */
public function index()
{
    $encrypted_token = app('Illuminate\\Encryption\\Encrypter')->encrypt(csrf_token());

    $viewData = ['token' => $encrypted_token];

    return View::make('content', $viewData);
}
/**
 * Render this view's Twig template.
 *
 * A token from csrf_token() is stored in the session under 'token' and
 * passed to the template along with the request data, the current time and
 * the login state.
 *
 * @param \Baguette\Application $app
 * @return string
 */
public function render(\Baguette\Application $app)
{
    $token = csrf_token();
    $app->session->set('token', $token);

    $context = [
        'server' => $app->server,
        'cookie' => $app->cookie,
        'get' => $app->get,
        'post' => $app->post,
        'now' => $app->now,
        'isLoggedIn' => $app->isLoggedIn(),
        'loginUser' => $app->getLoginUser(),
        'token' => $token,
    ];

    // Array union keeps the left operand on a key clash, so an entry in
    // $this->params named 'token', 'isLoggedIn', etc. replaces the value
    // built above. NOTE(review): confirm no caller fills params from
    // request input under those names.
    return static::$twig->render($this->tpl_name, $this->params + $context);
}
/**
 * Post an avatar path to the profile update route as a logged-in user.
 *
 * NOTE(review): nothing is asserted after the POST, so this test passes
 * regardless of how the route responds.
 */
public function testUploadAvatar()
{
    $member = factory(\App\User::class)->create();

    $this->actingAs($member)->visit('/dashboard');
    $this->visit('/profile');

    $form = [
        'avatar' => ' /images/avatar.png',
        '_token' => csrf_token(),
    ];
    $this->call('POST', '/profile/update/avatar', $form);
}
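/**
 * Handle an incoming request.
 *
 * Stores a requested locale in the session when it is one of the
 * configured locales, applies the session locale to 'app.locale', sets the
 * translator to the admin locale, publishes tokens and locale data to
 * JavaScript and copies the current user's preferences into config.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $defaultLocale = config('app.locale');
    $adminLocale = config('typicms.admin_locale');
    $locales = config('translatable.locales');

    // Request input may be an array (locale[]=...) or a numeric-looking
    // string. Accept only a string that is identical to a configured locale,
    // so nothing else can be written to the session as the locale.
    $requested = Input::get('locale');
    if (is_string($requested) && in_array($requested, $locales, true)) {
        Session::put('locale', $requested);
    }

    // Set app.locale
    config(['app.locale' => Session::get('locale', $defaultLocale)]);

    // Set Translator locale to typicms.admin_locale config
    Lang::setLocale($adminLocale);

    $localesForJS = [];
    foreach ($locales as $code) {
        $localesForJS[] = [
            'short' => $code,
            'long' => trans('global.languages.' . $code),
        ];
    }

    // Set Locales to JS. The token is read once and used for both entries.
    $token = csrf_token();
    JavaScript::put([
        '_token' => $token,
        'encrypted_token' => Crypt::encrypt($token),
        'adminLocale' => $adminLocale,
        'locales' => $localesForJS,
        'locale' => config('app.locale'),
    ]);

    // Set current user preferences to Config
    if ($request->user()) {
        config(['typicms.user' => $request->user()->preferences]);
    }

    return $next($request);
}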
/**
 * Verifying a user with a valid Authy token marks the user as verified,
 * sends one confirmation SMS through the (mocked) Twilio client and
 * redirects to the user index.
 */
function testVerify()
{
    // Given: a logged-in, not yet verified user with an Authy id
    $this->startSession();

    $user = new User([
        'name' => 'Some name',
        'email' => '*****@*****.**',
        'password' => 'strongpassword',
        'country_code' => '1',
        'phone_number' => '5558180101',
    ]);
    $user->authy_id = 'authy_id';
    $user->save();
    $this->be($user);

    // Both external services are replaced so nothing leaves the test.
    $authy = Mockery::mock('Authy\\AuthyApi')->makePartial();
    $verification = Mockery::mock();
    $twilio = Mockery::mock(\Twilio\Rest\Client::class)->makePartial();
    $twilio->messages = Mockery::mock();

    $sender = config('services.twilio')['number'];
    $expectedSms = ['body' => 'You did it! Signup complete :)', 'from' => $sender];
    $twilio->messages->shouldReceive('create')->with($user->fullNumber(), $expectedSms)->once();

    $authy->shouldReceive('verifyToken')->with($user->authy_id, 'authy_token')->once()->andReturn($verification);
    $verification->shouldReceive('ok')->once()->andReturn(true);

    $this->app->instance(\Twilio\Rest\Client::class, $twilio);
    $this->app->instance('Authy\\AuthyApi', $authy);

    $before = User::first();
    $this->assertFalse($before->verified);

    // When: the Authy token is posted together with the CSRF token
    $form = ['token' => 'authy_token', '_token' => csrf_token()];
    $response = $this->call('POST', route('user-verify'), $form);

    // Then
    $after = User::first();
    $this->assertRedirectedToRoute('user-index');
    $this->assertTrue($after->verified);
}
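/**
 * Echo one table row per category node, depth-first.
 *
 * Each row shows the indented title with a caret icon (down when the node
 * has children, right otherwise) and edit / delete links; the delete link
 * carries the CSRF token in its data-delete attribute.
 *
 * @param array|\Traversable $array nodes exposing id, title, depth and
 *                                  children
 * @return void
 */
function recursiveArrayTable($array)
{
    foreach ($array as $node) {
        $hasChildren = count($node->children) > 0;

        // One pad character per nesting level.
        // NOTE(review): the pad is a single whitespace character as found in
        // the source. A plain space collapses in HTML; confirm whether
        // "&nbsp;" was intended.
        $indent = str_repeat(" ", max(0, (int) $node->depth));

        // Titles are stored data. Escape them so markup in a title is shown
        // as text instead of being interpreted by the browser.
        $title = htmlspecialchars($node->title, ENT_QUOTES, 'UTF-8');

        $caret = $hasChildren ? 'fa fa-caret-down' : 'fa fa-caret-right';

        echo "<tr>\n";
        echo "\t<td>{$indent}\n";
        echo "\t\t<i class=\"{$caret}\"></i> \n";
        echo "\t\t{$title}\n";
        echo "\t</td>\n";
        echo "\t<td class=\"text-center\">\n";
        echo "\t\t<a href=\"" . route('categories.edit', ['categories' => $node->id]) . "\" type=\"button\" class=\"btn btn-xs btn-warning\" data-toggle=\"tooltip\" data-placement=\"top\" title=\"Edit\">\n";
        echo "\t\t\t<span class=\"glyphicon glyphicon-edit\" aria-hidden=\"true\"></span>\n";
        echo "\t\t</a>";
        echo "\t\t<a href=\"" . route('categories.destroy', ['categories' => $node->id]) . "\" class=\"btn btn-xs btn-danger\" data-delete=\"" . csrf_token() . "\" data-toggle=\"tooltip\" data-placement=\"top\" title=\"Delete\">\n";
        echo "\t\t\t<span class=\"glyphicon glyphicon-remove\" aria-hidden=\"true\"></span>\n";
        echo "\t\t</a>\n";
        echo "\t</td>\n";
        // Close the row. The previous code emitted a second opening <tr>
        // here, which left every row unterminated.
        echo "</tr>\n";

        recursiveArrayTable($node->children);
    }
}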