[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Phpgroupware-cvs] CVS: phpgwapi/inc class.phpgw.inc.php,1.42.4.1,1.42.4
From: |
Dave Hall <address@hidden> |
Subject: |
[Phpgroupware-cvs] CVS: phpgwapi/inc class.phpgw.inc.php,1.42.4.1,1.42.4.2 class.sessions.inc.php,1.104.4.12,1.104.4.13 |
Date: |
Sat, 21 Jun 2003 19:46:13 -0400 |
Update of /cvsroot/phpgroupware/phpgwapi/inc
In directory subversions:/tmp/cvs-serv8686
Modified Files:
Tag: Version-0_9_16-branch
class.phpgw.inc.php class.sessions.inc.php
Log Message:
adding repost prevention
Index: class.phpgw.inc.php
===================================================================
RCS file: /cvsroot/phpgroupware/phpgwapi/inc/class.phpgw.inc.php,v
retrieving revision 1.42.4.1
retrieving revision 1.42.4.2
diff -C2 -r1.42.4.1 -r1.42.4.2
*** class.phpgw.inc.php 31 Mar 2003 00:32:03 -0000 1.42.4.1
--- class.phpgw.inc.php 21 Jun 2003 23:46:11 -0000 1.42.4.2
***************
*** 6,9 ****
--- 6,10 ----
* This is the central class for the phpGroupWare API
*
* Copyright (C) 2000, 2001 Dan Kuykendall
*
+ * Parts Copyright (C) 2003 Free Software Foundation
*
*
-------------------------------------------------------------------------*
* This library is part of the phpGroupWare API
*
***************
*** 76,80 ****
*
* @access public
! * @param $s string The string to have its html special
chars stripped out.
* @return string The string with html special characters
removed
* @syntax strip_html($string)
--- 77,81 ----
*
* @access public
! * @param $s string The string to have its html special chars
stripped out.
* @return string The string with html special characters
removed
* @syntax strip_html($string)
***************
*** 92,97 ****
*
* @access public
! * @param string $string The url the link is for
! * @param string $extravars Extra params to be
passed to the url
* @return string The full url after processing
* @see session->link()
--- 93,98 ----
*
* @access public
! * @param string $string The url the link is for
! * @param string $extravars Extra params to be
passed to the url
* @return string The full url after processing
* @see session->link()
***************
*** 101,105 ****
function link($url = '', $extravars = '')
{
- /* global $phpgw, $phpgw_info, $usercookie, $kp3,
$PHP_SELF; */
return $this->session->link($url, $extravars);
}
--- 102,105 ----
***************
*** 108,111 ****
--- 108,129 ----
{
$this->redirect($this->session->link($url, $extravars));
+ }
+
+ /**
+ * Repsost Prevention Detection
+ *
+ * Used as a shortcut. Wrapper to session->is_repost()
+ *
+ * @access public
+ * @param bool $display_error Use common error handler? - not
yet implemented
+ * @return bool True if called previously, else False - call ok
+ * @see session->is_repost()
+ * @syntax is_post()
+ * @example $repost = $GLOBALS['phpgwapi']->is_repost();
+ * @author Dave Hall
+ */
+ function is_repost($display_error = False)
+ {
+ return $this->session->is_repost($display_error);
}
Index: class.sessions.inc.php
===================================================================
RCS file: /cvsroot/phpgroupware/phpgwapi/inc/class.sessions.inc.php,v
retrieving revision 1.104.4.12
retrieving revision 1.104.4.13
diff -C2 -r1.104.4.12 -r1.104.4.13
*** class.sessions.inc.php 6 Jun 2003 21:50:30 -0000 1.104.4.12
--- class.sessions.inc.php 21 Jun 2003 23:46:11 -0000 1.104.4.13
***************
*** 6,9 ****
--- 6,10 ----
* and Ralf Becker <address@hidden> *
* Copyright (C) 2000, 2001 Dan Kuykendall *
+ * Parts Copyright (C) 2003 Free Software Foundation Inc
*
* -------------------------------------------------------------------------*
* This library is part of the phpGroupWare API *
***************
*** 43,46 ****
--- 44,48 ----
var $account_id;
var $account_lid;
+ var $history_id;
var $account_domain;
var $session_flags;
***************
*** 114,117 ****
--- 116,124 ----
$save_rep = True;
}
+ if
(!isset($GLOBALS['phpgw_info']['server']['max_history']))
+ {
+ $GLOBALS['phpgw_info']['server']['max_history']
= 20;
+ $save_rep = True;
+ }
if ($save_rep)
{
***************
*** 891,894 ****
--- 898,952 ----
}
}
+ /*!
+ @function generate_click_history
+ @abstract additional tracking of user actions - prevents
reposts/use of back button
+ @returns string current history id
+ @author Dave Hall
+ */
+ function generate_click_history()
+ {
+ if(!isset($this->history_id))
+ {
+ $this->history_id = md5($this->login . time());
+ $history = $this->appsession($location =
'history', $appname = 'phpgwapi');
+
+ if(count($history) >=
$GLOBALS['phpgw_info']['server']['max_history'])
+ {
+ array_shift($history);
+ $this->appsession($location =
'history', $appname = 'phpgwapi', $history);
+ }
+ }
+ return $this->history_id;
+ }
+
+ /*!
+ @function is_repost
+ @abstract detects if the page has already been called before -
good for forms
+ @function is_repost($diplay_error)
+ @param $diplay_error - when implemented will use the generic
error handling code
+ @returns True if called previously, else False - call ok
+ @author Dave Hall
+ */
+ function is_repost($display_error = False)
+ {
+ $history = $this->appsession($location = 'history',
$appname = 'phpgwapi');
+ if(isset($history[$_GET['click_history']]))
+ {
+ if($display_error)
+ {
+
$GLOBALS['phpgw']->redirect_link('/error.php', 'type=repost');//more on this
later :)
+ }
+ else
+ {
+ return True; //handled by the app
+ }
+ }
+ else
+ {
+ $history[$_GET['click_history']] = True;
+ $this->appsession($location = 'history',
$appname = 'phpgwapi', $history);
+ return False;
+ }
+ }
/*************************************************************************\
***************
*** 973,976 ****
--- 1031,1037 ----
$extravars['domain'] = $this->account_domain;
}
+
+ //used for repost prevention
+ $extravars['click_history'] =
$this->generate_click_history();
/* if we end up with any extravars then we generate the
url friendly string */
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Phpgroupware-cvs] CVS: phpgwapi/inc class.phpgw.inc.php,1.42.4.1,1.42.4.2 class.sessions.inc.php,1.104.4.12,1.104.4.13,
Dave Hall <address@hidden> <=
- Prev by Date:
[Phpgroupware-cvs] CVS: property/inc class.uiproject.inc.php,1.28,1.29 class.uilookup.inc.php,1.23,1.24class.uiinvestment.inc.php,1.20,1.21 class.solocation.inc.php,1.12,1.13 class.botts.inc.php,1.12,1.13 class.boproject.inc.php,1.8,1.9 class.bolocation.inc.php,1.13,1.14 class.boinvestment.inc.php,1.9,1.10
- Next by Date:
[Phpgroupware-cvs] CVS: property/inc class.uilocation.inc.php,1.15,1.16 class.solocation.inc.php,1.13,1.14 class.bolocation.inc.php,1.14,1.15 class.bocommon.inc.php,1.56,1.57
- Previous by thread:
[Phpgroupware-cvs] CVS: property/inc class.uiproject.inc.php,1.28,1.29 class.uilookup.inc.php,1.23,1.24class.uiinvestment.inc.php,1.20,1.21 class.solocation.inc.php,1.12,1.13 class.botts.inc.php,1.12,1.13 class.boproject.inc.php,1.8,1.9 class.bolocation.inc.php,1.13,1.14 class.boinvestment.inc.php,1.9,1.10
- Next by thread:
[Phpgroupware-cvs] CVS: property/inc class.uilocation.inc.php,1.15,1.16 class.solocation.inc.php,1.13,1.14 class.bolocation.inc.php,1.14,1.15 class.bocommon.inc.php,1.56,1.57
- Index(es):