Terry DeSimone SecureCloud-biz
SecureCloud-biz
/ ajax_csrf.html
Created
July 12, 2014 23:52
Added CSRF token to AJAX calls using Form Serialization
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!-- create form with open_form() --> | |
| <form action="http://testapp.com/login" method="post" accept-charset="utf-8" id="login-form" class="login"> | |
| <div style="display:none"> | |
| <input type="hidden" name="csrf_test_name" value="80bfb80b356d6d31f4ce4dad0c6cf69e"> | |
| </div> | |
| ... | |
| ... | |
| </form> | |
| <!-- Update AJAX code to post serialized data --> |
SecureCloud-biz
/ ajax_csrf.html
Created
July 12, 2014 23:53
Added CSRF token to AJAX calls using JavaScript Variable
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!-- add to HEAD --> | |
| <script type="text/javascript"> | |
| var csrf_value = '<?php echo $this->security->get_csrf_hash(); ?>'; | |
| </script> | |
| <!-- Update AJAX code, change csrf_test_name as needed --> | |
| <script type="text/javascript"> | |
| $.post( ajax_url, { data: 'value', 'csrf_test_name': csrf_value }, function( response ) { | |
| // response | |
| }, 'json' ); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <input type="hidden" name="<?php echo $this->security->get_csrf_token_name(); ?>" value="<?php echo $this->security->get_csrf_hash(); ?>"> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <form action="http://testapplication.com/login" method="post" accept-charset="utf-8" id="login-form" class="login"> | |
| <div style="display:none"> | |
| <input type="hidden" name="csrf_test_name" value="80bfb80b356d6d31f4ce4dad0c6cf69e"> | |
| </div> | |
| ... | |
| ... | |
| </form> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <div class="well"> | |
| <button class="btn btn-info share-btn">Share</button> | |
| </div> | |
| <script type="text/javascript"> | |
| function fb_share() { | |
| FB.ui( { | |
| method: 'feed', | |
| name: "Search Google", | |
| link: "https://www.google.com", |
SecureCloud-biz
/ scrollbars.js
Created
July 13, 2014 00:14
— forked from niraj-shah/scrollbars.js
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| window.fbAsyncInit = function() { | |
| FB.init({ | |
| appId : 'xxx', // App ID | |
| channelUrl : 'channel.html', // Channel File | |
| status : true, // check login status | |
| cookie : true, // enable cookies to allow the server to access the session | |
| xfbml : true // parse XFBML | |
| }); | |
| // Remove those pesky scrollbars |
SecureCloud-biz
/ fb_max_width.css
Created
July 13, 2014 00:14
— forked from niraj-shah/fb_max_width.css
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| html, body { | |
| width: 810px; | |
| overflow: hidden; | |
| } |
SecureCloud-biz
/ fb_scrolling.html
Created
July 13, 2014 00:14
— forked from niraj-shah/fb_scrolling.html
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!-- anchor example --> | |
| <a href="#" onclick="FB.Canvas.scrollTo( 0, 500 );">Click here to enter</a> | |
| <!-- anchor with jQuery dynamic placement example --> | |
| <a href="#" onclick="FB.Canvas.scrollTo( 0, $('.enter-btn').offset().top );">Click here to enter</a> | |
| <!-- page load example --> | |
| <script type="text/javascript"> | |
| window.fbAsyncInit = function() { | |
| FB.init({ |
SecureCloud-biz
/ google+_share.html
Created
July 13, 2014 00:15
— forked from niraj-shah/google+_share.html
SecureCloud-biz
/ fb_long_access_token.php
Created
July 13, 2014 00:16
— forked from niraj-shah/fb_long_access_token.php
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| $appId = 'aaaaaaaaaaaa'; | |
| $appSecret = 'bbbbbbbbbbbb'; | |
| // init facebook | |
| $facebook = new Facebook( array( 'appId' => $appId, 'secret' => $appSecret ) ); | |
| // get user_id, 0 if not logged in | |
| $user = $facebook->getUser(); |