Minahito
minah****@users*****
2006年 1月 12日 (木) 14:28:25 JST
Index: xoops2jp/html/class/smarty/plugins/function.xoops_token.php
diff -u xoops2jp/html/class/smarty/plugins/function.xoops_token.php:1.1.2.1 xoops2jp/html/class/smarty/plugins/function.xoops_token.php:1.1.2.2
--- xoops2jp/html/class/smarty/plugins/function.xoops_token.php:1.1.2.1 Mon Nov 14 19:50:58 2005
+++ xoops2jp/html/class/smarty/plugins/function.xoops_token.php Thu Jan 12 14:28:25 2006
@@ -16,21 +16,31 @@
*/
function smarty_function_xoops_token($params, &$smarty)
{
- $tokenName=null;
- $tokenValue=null;
+ $tokenName = null;
+ $tokenValue = null;
- if(isset($params['actionform'])&&is_object($params['actionform'])) {
- if(is_object($params['actionform']->mToken)) {
- $tokenName=$params['actionform']->mToken->getTokenName();
- $tokenValue=$params['actionform']->mToken->getTokenValue();
+ if (isset($params['form']) && is_object($params['form'])) {
+ if(is_a($params['form'], 'XCube_ActionForm')) {
+ $tokenName = params['form']->getTokenName();
+ $tokenValue = params['form']->getToken();
+ }
+ else {
+ die('You does not set ActionForm instance to place holder.');
}
}
else {
- $tokenName=$params['name'];
- $tokenValue=$params['value'];
+ $tokenName = $params['name'];
+ $tokenValue = $params['value'];
+ }
+
+ if ($tokenName != null && $tokenValue != null) {
+ $tokenName = htmlspecialchars($tokenName, ENT_QUOTES);
+ $tokenValue = htmlspecialchars($tokenValue, ENT_QUOTES);
+
+ $_SESSION['XCUBE_TOKEN'][$tokenName] = $tokenValue;
+
+ @printf('<input type="hidden" name="%s" value="%s" />', $tokenName, $tokenValue);
}
-
- @printf("<input type='hidden' name='%s' value='%s' />",$tokenName,$tokenValue);
}
?>