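/**
 * Verify the CSRF token of a POST request and expose the body as $this->data.
 *
 * Only acts on POST requests. The token the form helper stored in the
 * session under 'skankydev.form.csrf' is compared against the submitted
 * `_token` field; on success the field is stripped from $this->data.
 * A missing or non-string `_token` is now treated as a failed check rather
 * than being passed through as null (the original read an undefined index).
 *
 * @throws Exception code 500 when the token is absent, does not match, or
 *                   has expired; presumably caught by the application
 *                   constructor and routed to ErrorController.
 */
public function securePost()
{
    if (!$this->isPost()) {
        return;
    }

    $csrf = Session::get('skankydev.form.csrf');
    $this->data = (object) $_POST;

    // No token in the session: the form was rendered without CSRF
    // protection, so there is nothing to verify.
    if (!$csrf) {
        return;
    }

    // Reject a missing field, and an array value (`_token[]=...`) that
    // checkValue() was never written to handle.
    $token = isset($_POST['_token']) ? $_POST['_token'] : null;
    if (!is_string($token) || !$csrf->checkValue($token) || !$csrf->checkTime()) {
        // NOTE(review): checkValue() should compare with hash_equals();
        // confirm in the Token class. 500 is kept for compatibility with
        // ErrorController, although 403 would describe the failure better.
        throw new Exception("CRSF error", 500);
    }

    unset($this->data->_token);
}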
/**
 * Render the queued flash messages as HTML and clear the queue.
 *
 * Each entry is wrapped in the inner tag ($this->default['tags'][1]) with
 * the 'flash-message' class appended to any class the caller supplied, and
 * the whole list is wrapped in the outer tag ($this->default['tags'][0]).
 * The in-memory queue is dropped when something was rendered; the
 * 'FlashMessage' session key is deleted in every case.
 *
 * @return string the html ('' when there is nothing to display)
 */
public function display()
{
    $html = '';

    if (!empty($this->messages)) {
        $innerTag = $this->default['tags'][1];

        foreach ($this->messages as $entry) {
            $attr = isset($entry['attr']) ? $entry['attr'] : [];
            // Always tag the wrapper with 'flash-message', keeping any
            // class the caller supplied.
            $attr['class'] = isset($attr['class'])
                ? $attr['class'] . ' flash-message'
                : 'flash-message';
            // NOTE(review): escaping of the message text is up to
            // surround(); nothing is escaped here.
            $html .= $this->surround($entry['messages'], $innerTag, $attr);
        }

        $html = $this->surround($html, $this->default['tags'][0]);
        unset($this->messages);
    }

    Session::delete('FlashMessage');

    return $html;
}
/**
 * Bootstrap the application for the current request.
 *
 * The statement order is the contract: configuration and the Auth class
 * are loaded first, the session is started before the request is
 * inspected, then the event manager and the request/router/auth instances
 * (obtained via getInstance()) are set up. The application bootstrap file
 * is included before the POST body is checked for CSRF, and only then is
 * the route executed and its view rendered.
 *
 * Any Exception raised along the way (including the CSRF failure thrown by
 * securePost()) is handed to ErrorController. Only Exception is caught, so
 * a PHP Error (TypeError, etc.) is not routed there.
 */
public function __construct()
{
    try {
        Config::getConf();
        Auth::loadClass(); // original comment (French): "it's a bit of a cheat"
        Session::start();
        EventManager::init();
        $this->request = Request::getInstance();
        $this->router = Router::getInstance();
        $this->auth = Auth::getInstance();
        // APP_FOLDER and DS are constants, so the include path is fixed,
        // never request-derived.
        include_once APP_FOLDER . DS . 'config' . DS . 'bootstrap.php';
        // Validate the CSRF token (when the form set one) before any
        // controller sees the POST body.
        $this->request->securePost();
        $view = $this->router->execute();
        $view->render();
    } catch (Exception $e) {
        $this->controller = new ErrorController($e);
    }
}
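/**
 * Create the opening <form> tag.
 *
 * The action and method values are escaped for an HTML attribute before
 * being written, so an action URL that carries request data cannot break
 * out of the attribute. Existing entities are not double-encoded, so an
 * already-escaped URL keeps working.
 *
 * When $csrf is true a fresh Token is generated, stored in the session
 * under 'skankydev.form.csrf' and emitted as a hidden `_token` input for
 * the request's securePost() check. Only one token is kept in the
 * session, so the last form started on a page is the one that validates.
 *
 * @param string $action the url that receives the submitted form
 * @param array  $attr   extra attributes, merged over $this->formAttr
 * @param string $method the form method (default POST)
 * @param bool   $csrf   whether to add CSRF protection (default true)
 * @return string the opening form tag
 */
public function start($action, $attr = [], $method = 'POST', $csrf = true)
{
    // ENT_QUOTES neutralises both quote styles inside the attribute;
    // double_encode=false leaves '&amp;' in an already-escaped URL intact.
    $safeAction = htmlspecialchars((string) $action, ENT_QUOTES, 'UTF-8', false);
    $safeMethod = htmlspecialchars((string) $method, ENT_QUOTES, 'UTF-8', false);

    $retour = '<form action="' . $safeAction . '" ';
    $attr = array_merge($this->formAttr, $attr);
    // NOTE(review): the $attr values are not escaped here; confirm that
    // createAttr() does it and that its output ends with a space, since
    // 'method=' is appended directly after it.
    $retour .= $this->createAttr($attr);
    $retour .= 'method="' . $safeMethod . '">';

    if ($csrf) {
        $token = new Token();
        Session::set('skankydev.form.csrf', $token);
        $retour .= $this->input('_token', ['type' => 'hidden', 'value' => $token->value]);
    }

    return $retour;
}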
/**
 * Queue a flash message for the next display().
 *
 * The message and its wrapper attributes are appended to the in-memory
 * queue, and the whole queue is written to the 'FlashMessage' session key
 * (presumably so it survives a redirect).
 *
 * @param mixed $message the message content, later passed to surround()
 * @param array $attr    attributes for the message wrapper
 */
public function set($message, $attr = [])
{
    $entry = [
        'messages' => $message,
        'attr'     => $attr,
    ];
    $this->messages[] = $entry;
    Session::set('FlashMessage', $this->messages);
}
/**
 * Remember where the user came from, once.
 *
 * The origin reported by $this->historique->comeFrom() is written to the
 * 'skankydev.backlink' session key only while that key is falsy, so the
 * first recorded origin is kept until the key is cleared elsewhere.
 */
public function setBackLink()
{
    $existing = Session::get('skankydev.backlink');
    if ($existing) {
        return;
    }

    Session::set('skankydev.backlink', $this->historique->comeFrom());
}
/**
 * Mark the most recent history entry as not reached directly.
 *
 * Both the in-memory entry ($this->history[0]['direct']) and its session
 * mirror ('skankydev.historique.0.direct') are set to false.
 */
public function notDirect()
{
    $sessionKey = 'skankydev.historique.0.direct';

    $this->history[0]['direct'] = false;
    Session::set($sessionKey, false);
}