John Reese
By: a guest on Jun 21st, 2010 | syntax: Diff | size: 1.46 KB | hits: 192 | expires: Never
Copied
- From 414e35a07b1808d0f58f033759e501af3a569be9 Mon Sep 17 00:00:00 2001
- From: John Reese <JohnMichael.Reese@ge.com>
- Date: Mon, 21 Jun 2010 13:43:03 -0400
- Subject: [PATCH 1/3] Added form_action_self() API function
- Helper function to generate a form action value when forms are designed
- to be submitted to the same url that's is currently being used, such as
- helper_ensure_confirmed() or auth_reauthenticate().
- Designed to fix issues with using reverse proxies that rewrite URLs for
- the application server. By using a standard self-relative form action,
- it prevents issues where SCRIPT_NAME on the application server does not
- match the URL that the client is using.
- ---
- core/form_api.php | 10 ++++++++++
- 1 files changed, 10 insertions(+), 0 deletions(-)
- diff --git a/core/form_api.php b/core/form_api.php
- index b1144c7..d723492 100644
- --- a/core/form_api.php
- +++ b/core/form_api.php
- @@ -29,6 +29,16 @@
- */
- /**
- + * Helper function to generate a form action value when forms are designed
- + * to be submitted to the same url that's is currently being used, such as
- + * helper_ensure_confirmed() or auth_reauthenticate().
- + * @return string Form action value
- + */
- +function form_action_self() {
- + return basename($_SERVER['PHP_SELF']);
- +}
- +
- +/**
- * Generate a random security token, prefixed by date, store it in the
- * user's session, and then return the string to be used as a form element
- * element with the security token as the value.
- --
- 1.7.0.4
create a new version of this paste
RAW Paste Data