| [ Index ] |
PHP Cross Reference of vtigercrm-6.1.0 |
[Source view] [Print] [Project Stats]
(no description)
| File Size: | 430 lines (15 kb) |
| Included or required: | 1 time |
| Referenced: | 0 times |
| Includes or requires: | 0 files |
| csrf_ob_handler($buffer, $flags) X-Ref |
| Rewrites <form> on the fly to add CSRF tokens to them. This can also inject our JavaScript library. |
| csrf_check($fatal = true) X-Ref |
| Checks if this is a post request, and if it is, checks if the nonce is valid. param: bool $fatal Whether or not to fatally error out if there is a problem. return: True if check passes or is not necessary, false if failure. |
| csrf_get_tokens() X-Ref |
| Retrieves a valid token(s) for a particular context. Tokens are separated by semicolons. |
| csrf_flattenpost($data) X-Ref |
| No description |
| csrf_flattenpost2($level, $key, $data) X-Ref |
| No description |
| csrf_callback($tokens) X-Ref |
param: $tokens is safe for HTML consumption |
| vtResponseForIllegalAccess() X-Ref |
| Function to echo response when CSRF check fails This should be helpful in production. For debigging use csrf_callback(). It is configurable by setting $GLOBALS['csrf']['callback'] in this file |
| csrf_check_tokens($tokens) X-Ref |
| Checks if a composite token is valid. Outward facing code should use this instead of csrf_check_token() |
| csrf_check_token($token) X-Ref |
| Checks if a token is valid. |
| csrf_conf($key, $val) X-Ref |
| Sets a configuration value. |
| csrf_start() X-Ref |
| Starts a session if we're allowed to. |
| csrf_get_secret() X-Ref |
| Retrieves the secret, and generates one if necessary. |
| csrf_generate_secret($len = 32) X-Ref |
| Generates a random string as the hash of time, microtime, and mt_rand. |
| csrf_hash($value, $time = null) X-Ref |
| Generates a hash/expiry double. If time isn't set it will be calculated from the current time. |
| Generated: Fri Nov 28 20:08:37 2014 | Cross-referenced by PHPXref 0.7.1 |