Oderuz CMS - PHP & MySQLi
- Thread starter necm1
- Start date
- Status
necm1
Member
- Jan 27, 2014
- 111
- 16
- Thread starter
- #47
What pencms?
Update:
Code:
//CRSF Protection, thanks to Steve Winfield - Twitter: http://twitter.com/WinfieldSteve
session_start();
ob_start();
if (!isset($_SESSION['SEC_TOKEN'])) $_SESSION['SEC_TOKEN'] = md5(uniqid().uniqid().mt_rand());
if (count($_POST) > 0 && (!isset($_POST['token']) || $_POST['token'] != $_SESSION['SEC_TOKEN'])) exit;
register_shutdown_function(function() {
$data = ob_get_clean();
preg_match_all('\'<form .*?>(.*?)</form>\'si', $data, $match, PREG_OFFSET_CAPTURE);
$toAdd = 0;
$hiddenToken = '<input type="hidden" name="token" value="'.$_SESSION['SEC_TOKEN'].'" />';
if($match) {
foreach ($match[0] as $entry) {
$data = substr($data, 0, ($offset = (strpos($entry[0], '</form>') + $entry[1] + $toAdd))) . $hiddenToken . substr($data, $offset);
$toAdd += strlen($hiddenToken);
}
}
echo $data;
});
)
necm1
Member
- Jan 27, 2014
- 111
- 16
- Thread starter
- #50
So, I have a part made ready or not all. The Extra Page Page had was not ready yet, but in course of time, I will offer it for download.
Unfortunately, I have not even started with the housekeeping, which is not likely to change in time, because now I have to take care of my Vocational things.
Download it!:
Unfortunately, I have not even started with the housekeeping, which is not likely to change in time, because now I have to take care of my Vocational things.
Download it!:
You must be registered for see links
- Status
