Skip to content

Instantly share code, notes, and snippets.

@paperen

paperen/MY_Form_validation.php

Created December 20, 2012 17:25
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save paperen/4346941 to your computer and use it in GitHub Desktop.
Save paperen/4346941 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
MY_Form_validation.php
<?php
/**
* 表单验证加入令牌扩展
* @package application/libraries
* @author paperen
*/
if ( !defined( 'BASEPATH' ) ) exit( 'No direct script access allowed' );
class MY_Form_validation extends CI_Form_validation
{
public $CI;
// 调试模式
private $_debug;
// token标识符
const TOKEN_TAG = '<!--__TOKEN__-->';
// token session键值
const TOKEN_SESSION = 'token';
// token 过期时间(分钟 0没有限制
const TOKEN_TIMEOUT = 0;
function __construct() {
parent::__construct();
$this->CI = & get_instance();
$this->CI->load->library( 'session' );
// 是否调试模式
$this->_debug = ( defined( 'ENVIRONMENT' ) && ENVIRONMENT == 'development' ) ? TRUE : FALSE;
}
/**
* 检查session中是否存在token
*/
private function _is_token() {
return $this->CI->session->userdata( self::TOKEN_SESSION ) ? TRUE : FALSE;
}
/**
* 判断令牌是否正确
* @return bool 正确true/不正确false
*/
function check_token() {
// 调试模式
if ( $this->_debug ) return TRUE;
// 判断是否存在token
if ( $this->_is_token() ) {
$now = time();
$timeout = self::TOKEN_TIMEOUT * 60;
$token = $this->get_token();
if ( $token && $this->CI->input->post( self::TOKEN_SESSION ) == md5( $token ) ) {
// 销毁掉
$this->destroy_token();
// 没时间限制
if ( $timeout == 0 ) return TRUE;
return ($now - $token) < $timeout;
}
}
// 销毁掉
$this->destroy_token();
return FALSE;
}
/**
* 设置token值
* @param string
*/
public function set_token( $value ) {
$this->CI->session->set_userdata( self::TOKEN_SESSION, $value );
}
/**
* 获取token值
* @return string
*/
public function get_token() {
return $this->CI->session->userdata( self::TOKEN_SESSION );
}
/**
* 销毁存在session的token值
*/
public function destroy_token() {
$this->CI->session->unset_userdata( self::TOKEN_SESSION );
}
/**
* 生成令牌
*/
public function create_token() {
$output = $this->CI->output->get_output();
// 是否存在令牌标识符
if ( strpos( $output, self::TOKEN_TAG ) !== FALSE ) {
// 生成并设置令牌
$time = time();
$this->set_token( $time );
// 生成input
$name = self::TOKEN_SESSION;
$value = md5( $time );
$token_html = "<input type=\"hidden\" name=\"{$name}\" value=\"{$value}\">";
$output = str_replace( self::TOKEN_TAG, $token_html, $output );
}
$this->CI->output->set_output( $output );
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment