From: Michael M Slusarz Date: Thu, 2 Dec 2010 23:36:17 +0000 (-0700) Subject: Remove Horde::[get|check]RequestToken() X-Git-Url: https://git.internetallee.de/?a=commitdiff_plain;h=9210c133af8982e6336e20dc9e5bd70a24086b3e;p=horde.git Remove Horde::[get|check]RequestToken() --- diff --git a/framework/Core/lib/Horde.php b/framework/Core/lib/Horde.php index 6dad1e40a..feb83851d 100644 --- a/framework/Core/lib/Horde.php +++ b/framework/Core/lib/Horde.php @@ -348,31 +348,6 @@ HTML; } /** - * Get a token for protecting a form. - * - * @param string $slug Slug name. - * - * @return string Token string. - */ - static public function getRequestToken($slug) - { - return $GLOBALS['injector']->getInstance('Horde_Token')->get($slug); - } - - /** - * Check if a token for a form is valid. - * - * @param string $slug Slug name. - * @param string $token Token to check. - * - * @throws Horde_Exception - */ - static public function checkRequestToken($slug, $token) - { - $GLOBALS['injector']->getInstance('Horde_Token')->isValid($token, $slug); - } - - /** * Add a signature + timestamp to a query string and return the signed query * string. * diff --git a/framework/Core/lib/Horde/Core/Prefs/Ui.php b/framework/Core/lib/Horde/Core/Prefs/Ui.php index acabfeba1..0d5bd1cda 100644 --- a/framework/Core/lib/Horde/Core/Prefs/Ui.php +++ b/framework/Core/lib/Horde/Core/Prefs/Ui.php @@ -197,8 +197,8 @@ class Horde_Core_Prefs_Ui if ($this->vars->actionID) { try { - Horde::checkRequestToken('horde.prefs', $this->vars->horde_prefs_token); - } catch (Horde_Exception $e) { + $GLOBALS['injector']->getInstance('Horde_Token')->validate($this->vars->horde_prefs_token, 'horde.prefs'); + } catch (Horde_Token_Exception $e) { $GLOBALS['notification']->push($e); return; } @@ -621,7 +621,7 @@ class Horde_Core_Prefs_Ui $t->set('app', htmlspecialchars($this->app)); $t->set('group', htmlspecialchars($this->group)); $t->set('label', htmlspecialchars($this->prefGroups[$this->group]['label'])); - $t->set('token', Horde::getRequestToken('horde_prefs')); + $t->set('token', $GLOBALS['injector']->getInstance('Horde_Token')->get('horde.prefs')); // Search for previous and next groups. if (count($prefgroups) > 1) { diff --git a/imp/compose.php b/imp/compose.php index 752ef20d2..04eb9d042 100644 --- a/imp/compose.php +++ b/imp/compose.php @@ -68,8 +68,8 @@ if ($vars->actionID) { default: try { - Horde::checkRequestToken('imp.compose', $vars->compose_requestToken); - } catch (Horde_Exception $e) { + $injector->getInstance('Horde_Token')->validate($vars->compose_requestToken, 'imp.compose'); + } catch (Horde_Token_Exception $e) { $notification->push($e); $vars->actionID = null; } @@ -397,7 +397,7 @@ case 'send_message': if ($vars->actionID == 'auto_save_draft') { $request = new stdClass; - $request->requestToken = Horde::getRequestToken('imp.compose'); + $request->requestToken = $injector->getInstance('Horde_Token')->get('imp.compose'); $request->formToken = Horde_Token::generateId('compose'); Horde::sendHTTPResponse(Horde::prepareResponse($request), 'json'); exit; @@ -687,7 +687,7 @@ if ($redirect) { /* Prepare the redirect template. */ $t->set('cacheid', $composeCacheID); $t->set('title', htmlspecialchars($title)); - $t->set('token', Horde::getRequestToken('imp.compose')); + $t->set('token', $injector->getInstance('Horde_Token')->get('imp.compose')); Horde::startBuffer(); IMP::status(); @@ -717,7 +717,7 @@ if ($redirect) { 'actionID' => '', 'attachmentAction' => '', 'compose_formToken' => Horde_Token::generateId('compose'), - 'compose_requestToken' => Horde::getRequestToken('imp.compose'), + 'compose_requestToken' => $injector->getInstance('Horde_Token')->get('imp.compose'), 'composeCache' => $composeCacheID, 'mailbox' => htmlspecialchars(IMP::$mailbox), 'oldrtemode' => $rtemode, diff --git a/imp/folders.php b/imp/folders.php index 03cf720ed..a527085ed 100644 --- a/imp/folders.php +++ b/imp/folders.php @@ -56,14 +56,17 @@ if (isset($vars->folder_list)) { } } +/* Token to use in requests */ +$folders_token = $injector->getInstance('Horde_Token')->get('imp.folders'); + /* META refresh time (might be altered by actionID). */ $refresh_time = $prefs->getValue('refresh_time'); /* Run through the action handlers. */ if ($vars->actionID) { try { - Horde::checkRequestToken('imp.folders', $vars->folders_token); - } catch (Horde_Exception $e) { + $injector->getInstance('Horde_Token')->validate($vars->folders_token, 'imp.folders'); + } catch (Horde_Token_Exception $e) { $notification->push($e); $vars->actionID = null; } @@ -276,7 +279,7 @@ case 'folders_empty_mailbox_confirm': $template->set('empty', ($vars->actionID == 'folders_empty_mailbox_confirm')); $template->set('folders', $loop); $template->set('folders_url', $folders_url); - $template->set('folders_token', Horde::getRequestToken('imp.folders')); + $template->set('folders_token', $folders_token); echo $template->fetch(IMP_TEMPLATES . '/imp/folders/folders_confirm.html'); require $registry->get('templates', 'horde') . '/common-footer.inc'; @@ -334,9 +337,6 @@ case 'search': break; } -/* Token to use in requests */ -$folders_token = Horde::getRequestToken('imp.folders'); - $folders_url_ob = new Horde_Url($folders_url); $folders_url_ob->add('folders_token', $folders_token); diff --git a/imp/lib/Application.php b/imp/lib/Application.php index 1bd8eaee1..6d4dd7f46 100644 --- a/imp/lib/Application.php +++ b/imp/lib/Application.php @@ -265,7 +265,7 @@ class IMP_Application extends Horde_Registry_Application 'icon' => 'empty_trash.png', 'onclick' => 'return window.confirm(' . Horde_Serialize::serialize(_("Are you sure you wish to empty your trash folder?"), Horde_Serialize::JSON, 'UTF-8') . ')', 'text' => _("Empty _Trash"), - 'url' => IMP::generateIMPUrl($menu_mailbox_url, $trash_folder)->add(array('actionID' => 'empty_mailbox', 'mailbox_token' => Horde::getRequestToken('imp.mailbox'))) + 'url' => IMP::generateIMPUrl($menu_mailbox_url, $trash_folder)->add(array('actionID' => 'empty_mailbox', 'mailbox_token' => $injector->getInstance('Horde_Token')->get('imp.mailbox'))) )); } } @@ -278,7 +278,7 @@ class IMP_Application extends Horde_Registry_Application 'icon' => 'empty_spam.png', 'onclick' => 'return window.confirm(' . Horde_Serialize::serialize(_("Are you sure you wish to empty your trash folder?"), Horde_Serialize::JSON, 'UTF-8') . ')', 'text' => _("Empty _Spam"), - 'url' => IMP::generateIMPUrl($menu_mailbox_url, IMP::folderPref($spam_folder, true))->add(array('actionID' => 'empty_mailbox', 'mailbox_token' => Horde::getRequestToken('imp.mailbox'))) + 'url' => IMP::generateIMPUrl($menu_mailbox_url, IMP::folderPref($spam_folder, true))->add(array('actionID' => 'empty_mailbox', 'mailbox_token' => $injector->getInstance('Horde_Token')->get('imp.mailbox'))) )); } } diff --git a/imp/lib/Contents.php b/imp/lib/Contents.php index 8bc136a57..40ac98445 100644 --- a/imp/lib/Contents.php +++ b/imp/lib/Contents.php @@ -709,7 +709,7 @@ class IMP_Contents (intval($id) != 1) && (strpos($id, '.') === false)) { if ($mask & self::SUMMARY_STRIP_LINK) { - $url = Horde::selfUrl(true)->remove(array('actionID', 'imapid', 'uid'))->add(array('actionID' => 'strip_attachment', 'imapid' => $id, 'uid' => $this->_uid, 'message_token' => Horde::getRequestToken('imp.impcontents'))); + $url = Horde::selfUrl(true)->remove(array('actionID', 'imapid', 'uid'))->add(array('actionID' => 'strip_attachment', 'imapid' => $id, 'uid' => $this->_uid, 'message_token' => $GLOBALS['injector']->getInstance('Horde_Token')->get('imp.impcontents'))); $part['strip'] = Horde::link($url, _("Strip Attachment"), 'iconImg deleteImg', null, 'return window.confirm(' . Horde_Serialize::serialize(_("Are you sure you wish to PERMANENTLY delete this attachment?"), Horde_Serialize::JSON, 'UTF-8') . ')') . ''; } else { $part['strip'] = Horde::link('#', _("Strip Attachment"), 'iconImg deleteImg stripAtc', null, null, null, null, array('mimeid' => $id)) . ''; diff --git a/imp/mailbox-mimp.php b/imp/mailbox-mimp.php index fc72fc0c5..d785ccded 100644 --- a/imp/mailbox-mimp.php +++ b/imp/mailbox-mimp.php @@ -57,9 +57,9 @@ case 'u': if ($vars->checkbox == 'd') { try { - Horde::checkRequestToken('imp.message-mimp', $vars->mt); + $injector->getInstance('Horde_Token')->validate($vars->mt, 'imp.message-mimp'); $imp_message->delete(new IMP_Indices($vars->indices)); - } catch (Horde_Exception $e) { + } catch (Horde_Token_Exception $e) { $notification->push($e); } } else { @@ -269,7 +269,7 @@ try { if (Horde::callHook('mimp_advanced', array('checkbox'), 'imp')) { $t->set('checkbox', $mailbox_url->copy()->add('p', $pageOb['page'])); $t->set('forminput', Horde_Util::formInput()); - $t->set('mt', Horde::getRequestToken('imp.message-mimp')); + $t->set('mt', $injector->getInstance('Horde_Token')->get('imp.message-mimp')); } } catch (Horde_Exception_HookNotSet $e) {} diff --git a/imp/mailbox.php b/imp/mailbox.php index c99e19156..883e91d65 100644 --- a/imp/mailbox.php +++ b/imp/mailbox.php @@ -71,8 +71,8 @@ $indices = new IMP_Indices($vars->indices); /* Run through the action handlers */ if ($actionID && ($actionID != 'message_missing')) { try { - Horde::checkRequestToken('imp.mailbox', $vars->mailbox_token); - } catch (Horde_Exception $e) { + $injector->getInstance('Horde_Token')->validate($vars->mailbox_token, 'imp.mailbox'); + } catch (Horde_Token_Exception $e) { $notification->push($e); $actionID = null; } @@ -207,7 +207,7 @@ case 'view_messages': } /* Token to use in requests */ -$mailbox_token = Horde::getRequestToken('imp.mailbox'); +$mailbox_token = $injector->getInstance('Horde_Token')->get('imp.mailbox'); /* Deal with filter options. */ if (!$readonly && $session->get('imp', 'filteravail')) { diff --git a/imp/message-mimp.php b/imp/message-mimp.php index 4f2d433fb..42abcf817 100644 --- a/imp/message-mimp.php +++ b/imp/message-mimp.php @@ -56,9 +56,9 @@ case 'u': if ($vars->a == 'd') { try { - Horde::checkRequestToken('imp.message-mimp', $vars->mt); + $injector->getInstance('Horde_Token')->validate($vars->mt, 'imp.message-mimp'); $msg_delete = (bool)$imp_message->delete($imp_indices); - } catch (Horde_Exception $e) { + } catch (Horde_Token_Exception $e) { $notification->push($e); } } else { @@ -263,7 +263,7 @@ $menu = array(); if (!$readonly) { $menu[] = in_array('\\deleted', $flags) ? array(_("Undelete"), $self_link->copy()->add('a', 'u')) - : array(_("Delete"), $self_link->copy()->add(array('a' => 'd', 'mt' => Horde::getRequestToken('imp.message-mimp')))); + : array(_("Delete"), $self_link->copy()->add(array('a' => 'd', 'mt' => $injector->getInstance('Horde_Token')->get('imp.message-mimp')))); } /* Add compose actions (Reply, Reply List, Reply All, Forward, Redirect). */ @@ -295,13 +295,13 @@ $menu[] = array(sprintf(_("To %s"), IMP::getLabel(IMP::$mailbox)), $mailbox_link if ($conf['spam']['reporting'] && ($conf['spam']['spamfolder'] || ($mailbox_name != IMP::folderPref($prefs->getValue('spam_folder'), true)))) { - $menu[] = array(_("Report as Spam"), $self_link->copy()->add(array('a' => 'rs', 'mt' => Horde::getRequestToken('imp.message-mimp')))); + $menu[] = array(_("Report as Spam"), $self_link->copy()->add(array('a' => 'rs', 'mt' => $injector->getInstance('Horde_Token')->get('imp.message-mimp')))); } if ($conf['notspam']['reporting'] && (!$conf['notspam']['spamfolder'] || ($mailbox_name == IMP::folderPref($prefs->getValue('spam_folder'), true)))) { - $menu[] = array(_("Report as Innocent"), $self_link->copy()->add(array('a' => 'ri', 'mt' => Horde::getRequestToken('imp.message-mimp')))); + $menu[] = array(_("Report as Innocent"), $self_link->copy()->add(array('a' => 'ri', 'mt' => $injector->getInstance('Horde_Token')->get('imp.message-mimp')))); } $t->set('menu', $imp_ui_mimp->getMenu('message', $menu)); diff --git a/imp/message.php b/imp/message.php index 227b9dcc8..dbc7bc47c 100644 --- a/imp/message.php +++ b/imp/message.php @@ -53,8 +53,8 @@ $user_identity = $injector->getInstance('IMP_Identity'); $vars = Horde_Variables::getDefaultVariables(); if ($vars->actionID) { try { - Horde::checkRequestToken('imp.message', $vars->message_token); - } catch (Horde_Exception $e) { + $injector->getInstance('Horde_Token')->validate($vars->message_token, 'imp.message'); + } catch (Horde_Token_Exception $e) { $notification->push($e); $vars->actionID = null; } @@ -251,7 +251,7 @@ $page_label = IMP::getLabel(IMP::$mailbox); /* Generate the link to ourselves. */ $msgindex = $imp_mailbox->getMessageIndex(); $message_url = Horde::url('message.php'); -$message_token = Horde::getRequestToken('imp.message'); +$message_token = $injector->getInstance('Horde_Token')->get('imp.message'); $self_link = IMP::generateIMPUrl('message.php', IMP::$mailbox, $uid, $mailbox_name)->add(array('start' => $msgindex, 'message_token' => $message_token)); /* Develop the list of headers to display. */ diff --git a/imp/thread.php b/imp/thread.php index 5df7898cd..895f01c5c 100644 --- a/imp/thread.php +++ b/imp/thread.php @@ -151,7 +151,7 @@ $template->set( if ($mode == 'thread') { $delete_link = IMP::generateIMPUrl('mailbox.php', $mbox)->add(array( 'actionID' => 'delete_messages', - 'mailbox_token' => Horde::getRequestToken('imp.mailbox') + 'mailbox_token' => $injector->getInstance('Horde_Token')->get('imp.mailbox') )); foreach ($thread as $val) { $delete_link->add(array('indices[]' => strval(new IMP_Indices(IMP::$mailbox, $val)), 'start' => $imp_mailbox->getArrayIndex($val))); diff --git a/koward/lib/Koward/Cli.php b/koward/lib/Koward/Cli.php index 8e09c3d42..8e18fae05 100644 --- a/koward/lib/Koward/Cli.php +++ b/koward/lib/Koward/Cli.php @@ -135,7 +135,7 @@ class Koward_Cli extends Horde_Controller_Request_Base * to use the standard form mechanisms via CLI. Think of some * alternatives here. */ - $token = Horde::getRequestToken('cli'); + $token = $GLOBALS['injector']->getInstance('Horde_Token')->get('cli'); $this->_cmd_argv['koward_form_object_formToken'] = $token; /** @@ -195,7 +195,7 @@ class Koward_Cli extends Horde_Controller_Request_Base /** * Provide a token for immediate deletion. */ - $this->_cmd_argv['token'] = Horde::getRequestToken('object.delete'); + $this->_cmd_argv['token'] = $GLOBALS['injector']->getInstance('Horde_Token')->get('object.delete'); break; } diff --git a/koward/lib/Koward/Controller/ObjectController.php b/koward/lib/Koward/Controller/ObjectController.php index 4ebbbc79a..888d1875f 100644 --- a/koward/lib/Koward/Controller/ObjectController.php +++ b/koward/lib/Koward/Controller/ObjectController.php @@ -95,7 +95,7 @@ class ObjectController extends Koward_Controller_Application $this->submit_url = $this->urlFor(array('controller' => 'object', 'action' => 'delete', 'id' => $this->params->id, - 'token' => Horde::getRequestToken('object.delete'))); + 'token' => $GLOBALS['injector']->getInstance('Horde_Token')->get('object.delete'))); $this->return_url = $this->urlFor(array('controller' => 'object', 'action' => 'listall')); @@ -105,7 +105,7 @@ class ObjectController extends Koward_Controller_Application } else { $token = $this->params->token; } - Horde::checkRequestToken('object.delete', $token); + $GLOBALS['injector']->getInstance('Horde_Token')->validate($token, 'object.delete'); $result = $this->object->delete(); if ($result === true) { $this->koward->notification->push(sprintf(_("Successfully deleted the object \"%s\""), @@ -159,7 +159,7 @@ class ObjectController extends Koward_Controller_Application } else { $token = $this->params->token; } - Horde::checkRequestToken('object.' . $this->params->oaction, $token); + $GLOBALS['injector']->getInstance('Horde_Token')->validate($token, 'object.' . $this->params->oaction); $action = $this->params->oaction; $result = $this->object->$action(); @@ -193,7 +193,7 @@ class ObjectController extends Koward_Controller_Application 'action' => 'view', 'id' => $this->params->id, 'action' => $action, - 'token' => Horde::getRequestToken('object.' . $action))); + 'token' => $GLOBALS['injector']->getInstance('Horde_Token')->get('object.' . $action))); $this->return_url = $this->urlFor(array('controller' => 'object', 'action' => 'view', 'id' => $this->params->id));