From 9f08de18d7731734d0e12b9c9f6ee3e0366fa133 Mon Sep 17 00:00:00 2001
From: thinkphp
Date: Sat, 26 Mar 2016 13:48:49 +0800
Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0method=E5=92=8Ctoken=E9=AA=8C?= =?UTF-8?q?=E8=AF=81=E8=A7=84=E5=88=99?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 library/think/Validate.php | 41 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 41 insertions(+)

diff --git a/library/think/Validate.php b/library/think/Validate.php
index eeb92eec..cc7e5576 100644
--- a/library/think/Validate.php
+++ b/library/think/Validate.php
@@ -67,6 +67,8 @@ class Validate
 'eq' => ':attribute必须等于 :rule',
 'unique' => ':attribute已存在',
 'regex' => ':attribute不符合指定规则',
+ 'method' => '无效的请求类型',
+ 'token' => '令牌数据无效',
 ];

 // 当前验证场景
@@ -355,6 +357,33 @@ class Validate
 return true !== $result ? $result : true;
 }

+ /**
+ * 验证表单令牌(需要配置令牌生成行为)
+ * @access protected
+ * @param mixed $value 字段值
+ * @param mixed $rule 验证规则
+ * @param array $data 数据
+ * @return bool
+ */
+ protected function token($value, $rule, $data)
+ {
+ if (!isset($data[$rule]) || !isset($_SESSION[$rule])) {
+ // 令牌数据无效
+ return false;
+ }
+
+ // 令牌验证
+ list($key, $value) = explode('_', $data[$rule]);
+ if (isset($_SESSION[$rule][$key]) && $value && $_SESSION[$rule][$key] === $value) {
+ // 防止重复提交
+ unset($_SESSION[$rule][$key]); // 验证完成销毁session
+ return true;
+ }
+ // 开启TOKEN重置
+ unset($_SESSION[$rule][$key]);
+ return false;
+ }
+
 /**
 * 验证是否和某个字段的值一致
 * @access protected
@@ -519,6 +548,18 @@ class Validate
 return checkdnsrr($value, $rule);
 }

+ /**
+ * 验证请求类型
+ * @access protected
+ * @param mixed $value 字段值
+ * @param mixed $rule 验证规则
+ * @return bool
+ */
+ protected function method($value, $rule)
+ {
+ return REQUEST_METHOD == strtoupper($rule);
+ }
+
 /**
 * 验证时间和日期是否符合指定格式
 * @access protected
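Review bot: In `token()`, `list($key, $value) = explode('_', $data[$rule]);` runs on the raw submitted field, so a value without an underscore leaves index 1 undefined (a notice, with `$value` set to null), and a non-string value such as an array makes `explode()` itself fail; any request can trigger both. A guard before the split, `if (!is_string($data[$rule]) || false === strpos($data[$rule], '_')) { return false; }`, together with `explode('_', $data[$rule], 2)`, rejects malformed tokens cleanly. The comparison `$_SESSION[$rule][$key] === $value` could become `hash_equals()` where the supported PHP version provides it (5.6+), provided the stored token is a string. The docblock would be clearer if it said that `$rule` names both the form field and the `$_SESSION` key, that the expected format is `key_value`, and that the stored entry is removed on success and on mismatch alike.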
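Review bot: `method()` compares with loose `==` and depends on a `REQUEST_METHOD` constant that is defined outside this patch. If that constant is ever missing (it is not visible here, so this is an assumption about the bootstrap), older PHP versions fall back to the bare string `'REQUEST_METHOD'` and the rule fails for every request with only a notice. `return defined('REQUEST_METHOD') && REQUEST_METHOD === strtoupper($rule);` makes the dependency explicit and the comparison strict. The docblock should also state that `$value` is ignored and that the rule checks the request as a whole rather than the field it is attached to.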