tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-01 13:48:37 +02:00
Code Issues Projects Releases Wiki Activity

Added $SecurityID for templates

Browse Source 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@47839 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Andrew O'Neil 2008-01-10 20:47:50 +00:00
parent 3936bc516b
commit a597942984
1 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
core/ViewableData.php
View File

@ -684,6 +684,22 @@ class ViewableData extends Object implements Iterator {
return Member::currentUser();
}
/**
* Returns the Security ID.
* This is used to prevent CRSF attacks in forms.
* @return int
*/
function SecurityID() {
if(Session::get('SecurityID')) {
$securityID = Session::get('SecurityID');
} else {
$securityID = rand();
Session::set('SecurityID', $securityID);
}
return $securityID;
}
/**
* Checks if the current user has the given permission.
* Can be used to implement security-specific sections within templates