function path($action, $model_name, $model_id = "", $prefix = "", $query_array = array(), $include_csrf = false) { $query_string = ""; $include_start_char = URL_REWRITE; if ($include_csrf) { $query_array["csrf_token"] = get_csrf_token(); } if (STATE == "development" && isset($GLOBALS["query_array"]["current_date"])) { $query_array["current_date"] = $GLOBALS["query_array"]["current_date"]; } foreach ($query_array as $key => $value) { if (!is_empty($value)) { if ($include_start_char) { $query_string .= "?"; $include_start_char = false; } else { $query_string .= "&"; } if ($key == "tags") { $query_string .= "tags=" . tag_array_to_string($value); } else { $query_string .= $key . "=" . $value; } } } if (!URL_REWRITE) { return true_path($action, $model_name, $model_id, $prefix) . $query_string; } return ROOT_PATH . (is_empty($prefix) ? "" : $prefix . "/") . $model_name . (is_empty($model_id) ? "" : "/" . $model_id) . (is_empty($action) ? "" : "/" . $action) . $query_string; }
/** * {@inheritdoc} * * @todo Use combined arguments parser when it will be implemented in * Handlebars.php. */ public function execute(Template $template, Context $context, $args, $source) { $named_args = $template->parseNamedArguments($args); $positional_args = $template->parseArguments($args); $route_name = (string) $context->get($positional_args[0]); $parameters = array(); foreach ($named_args as $name => $parsed_arg) { $parameters[$name] = $context->get($parsed_arg); } $parameters['csrf_token'] = get_csrf_token(); return $this->getRouter()->generate($route_name, $parameters); }
echo "<font color='red'>输入不完整!<a href='javascript:history.back();'>返回重新填写</a></font>"; exit; } $str = explode("_", $ssid); //论坛首页地址 $baseUrl = 'http://' . urldecode($str[0]); //签到页面地址 $signPageUrl = $baseUrl . '/index.php?m=task'; //签到信息提交地址 $signSubmitUrl = $baseUrl . '/index.php?m=space&c=punch&a=punch'; //存放Cookies的文件 $cookie_file = './getcookie/cookie_' . $ssid . '.txt'; //访问签到页面 $res = curl_get($signPageUrl, true, true); //获取csrf_token $csrf_token = get_csrf_token($res); //构造签到信息 $post_data = array('csrf_token' => $csrf_token); //提交签到信息 $res = curl_get($signSubmitUrl, true, true, $baseUrl, $post_data); $arr = json_decode($res, true); if ($arr['state'] == 'success') { $resultStr = '签到成功!获得奖励:' . $arr['data']['reward']; } elseif (strpos($arr['message'][0], '已经打卡')) { $resultStr = $arr['message'][0]; } else { $resultStr = '签到失败!' . $arr['message'][0]; } if (isset($_REQUEST['sys'])) { $posturl = '../index.php?mod=sc&my=add1&sys=' . $_REQUEST['sys']; $addurl = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['SCRIPT_NAME'] . '?id=' . $ssid;
function form_csrf_token() { return form_hidden("csrf_token", get_csrf_token()); }
/** * */ function csrf_token_input() { return '<input type="hidden" name="csrf_token" value="' . h(get_csrf_token()) . '">'; }