bludit/bl-kernel/boot/rules/99.security.php

<?php defined('BLUDIT') or die('Bludit CMS.');

// ============================================================================
// Variables
// ============================================================================

// ============================================================================
// Functions
// ============================================================================

// ============================================================================
// Main before POST
// ============================================================================

// ============================================================================
// POST Method
// ============================================================================

if( $_SERVER['REQUEST_METHOD'] == 'POST' )
{
	$token = isset($_POST['tokenCSRF']) ? Sanitize::html($_POST['tokenCSRF']) : false;

	if( !$Security->validateTokenCSRF($token) )
	{
		Log::set(__FILE__.LOG_SEP.'Error occurred when trying to validate the tokenCSRF. Token CSRF ID: '.$token);

		// Destroy the session.
		Session::destroy();

		// Redirect to login panel.
		Redirect::page('admin', 'login');
	}
	else
	{
		unset($_POST['tokenCSRF']);
	}
}

// ============================================================================
// Main after POST
// ============================================================================
Updates 2015-09-08 02:51:48 +02:00			`<?php defined('BLUDIT') or die('Bludit CMS.');`

			`// ============================================================================`
			`// Variables`
			`// ============================================================================`

			`// ============================================================================`
			`// Functions`
			`// ============================================================================`

			`// ============================================================================`
			`// Main before POST`
			`// ============================================================================`

			`// ============================================================================`
			`// POST Method`
			`// ============================================================================`

			`if( $_SERVER['REQUEST_METHOD'] == 'POST' )`
			`{`
Login access code via email 2015-10-20 05:14:28 +02:00			`$token = isset($_POST['tokenCSRF']) ? Sanitize::html($_POST['tokenCSRF']) : false;`
Updates 2015-09-08 02:51:48 +02:00
Opengraph, Admin panel responsive, Improves on Security tokens 2015-11-28 15:47:03 +01:00			`if( !$Security->validateTokenCSRF($token) )`
Updates 2015-09-08 02:51:48 +02:00			`{`
Opengraph, Admin panel responsive, Improves on Security tokens 2015-11-28 15:47:03 +01:00			`Log::set(__FILE__.LOG_SEP.'Error occurred when trying to validate the tokenCSRF. Token CSRF ID: '.$token);`
Updates 2015-09-08 02:51:48 +02:00
			`// Destroy the session.`
			`Session::destroy();`

			`// Redirect to login panel.`
			`Redirect::page('admin', 'login');`
			`}`
			`else`
			`{`
Login access code via email 2015-10-20 05:14:28 +02:00			`unset($_POST['tokenCSRF']);`
Updates 2015-09-08 02:51:48 +02:00			`}`
			`}`

			`// ============================================================================`
			`// Main after POST`
Opengraph, Admin panel responsive, Improves on Security tokens 2015-11-28 15:47:03 +01:00			`// ============================================================================`