improved sessiontoken handling
mxkmp29 authored and mxkmp29 committed Aug 11, 2016
1 parent 209ddb5 commit b1e31cb
Showing 3 changed files with 19 additions and 3 deletions.
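--- a/components/com_users/controllers/registration.json.php
+++ b/components/com_users/controllers/registration.json.php
@@ -27,7 +27,14 @@ class UsersControllerRegistration extends UsersController
 public function validate()
 {
 // Check for request forgeries.
-JSession::checkToken('get') or jexit(JText::_('JINVALID_TOKEN'));
+$checkToken = JSession::checkToken('get');
+
+if ($checkToken === false)
+{
+echo new JResponseJson(null, JText::_('JINVALID_TOKEN'), true);
+
+return false;
+}
 
 // Read username from ajax
 $username = $this->input->get('username', '', 'username');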
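Review bot: The anti-forgery token is still read from the query string here (`JSession::checkToken('get')`), so the session token ends up in the request URL, where web server and proxy access logs and browser history can record it. The client script in this same commit already sends the request with `type: 'POST'`, so the token could travel in the request body and be checked with `$checkToken = JSession::checkToken('post');`, with `default.php` no longer appending it to `$ajaxUri`. Separately, the old `jexit()` stopped the request, while the new branch only echoes the JSON error and returns; whether anything else is written after `return false` depends on the dispatcher, which is not visible here, so it is worth confirming the response body stays valid JSON. The body of `validate()` continues past the hunk.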
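--- a/components/com_users/views/registration/tmpl/default.php
+++ b/components/com_users/views/registration/tmpl/default.php
@@ -17,8 +17,6 @@
 JHtml::_('jquery.framework');
 JHtml::_('script', 'com_users/validate-user.js', false, true);
 
-
-
 $ajaxUri = JRoute::_('index.php?option=com_users&task=registration.validate&format=json&' . JSession::getFormToken() . '=1');
 ?>
 <div class="registration<?php echo $this->pageclass_sfx?>">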
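--- a/media/com_users/js/validate-user.js
+++ b/media/com_users/js/validate-user.js
@@ -11,11 +11,17 @@
 type: 'POST',
 url: ajaxUrl + '&username=' + name
 }).done(function(data){
+console.log(data);
 if(data.success){
 var message = {
 'error' : [data.message]
 };
 Joomla.renderMessages(message);
+}else if(!data.success && data.message){ //Invalid token
+var message = {
+'error' : [data.message]
+};
+Joomla.renderMessages(message);
 }
 });
 }
@@ -33,6 +39,11 @@
 'error': [data.message]
 };
 Joomla.renderMessages(message);
+}else if(!data.success && data.message){ //Invalid token
+var message = {
+'error' : [data.message]
+};
+Joomla.renderMessages(message);
 }
 });
 }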
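Review bot: The added `console.log(data);` in the first `.done()` callback is leftover debugging that writes every validation response to the browser console and should be removed before merge. The new `else if(!data.success && data.message)` branch, in both hunks, repeats the body of the `if(data.success)` branch, and `!data.success` is always true inside the `else`; the two branches can collapse to `if (data.success || data.message) { Joomla.renderMessages({'error': [data.message]}); }`. The unchanged line `url: ajaxUrl + '&username=' + name` also places the raw field value in the query string, so `encodeURIComponent(name)` would keep characters such as `&` or `#` from altering the request. Both callbacks belong to functions that start outside the hunks.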
