php/yii2
1
0
Fork 0
mirror of https://github.com/yiisoft/yii2.git synced 2025-11-02 13:02:24 +08:00
Code Issues Packages Projects Releases Wiki Activity

Added CSRF support.

Browse Source
This commit is contained in:
Qiang Xue
2013-04-25 15:09:07 -04:00
parent 7dd1f884c4
commit 989b8fa5bf
3 changed files with 99 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
framework/helpers/base/Html.php
View File

@ -293,12 +293,16 @@ class Html
$hiddenInputs = array();
if (strcasecmp($method, 'get') && strcasecmp($method, 'post')) {
// simulate PUT, DELETE, etc. via POST
if (($request = Yii::$app->getRequest()) instanceof Request) {
$request = Yii::$app->getRequest();
if ($request instanceof Request) {
if (strcasecmp($method, 'get') && strcasecmp($method, 'post')) {
// simulate PUT, DELETE, etc. via POST
$hiddenInputs[] = static::hiddenInput($request->restVar, $method);
$method = 'post';
}
if ($request->enableCsrfValidation) {
$hiddenInputs[] = static::hiddenInput($request->csrfTokenName, $request->getCsrfToken());
}
}
if (!strcasecmp($method, 'get') && ($pos = strpos($action, '?')) !== false) {