Added csrfToken to GlobalVariables definition.

2015-05-27 23:47:19 +02:00 · 2015-05-27 23:47:19 +02:00 · ad8c9b6522
commit ad8c9b6522
parent d88c138d2d
9 changed files with 12 additions and 0 deletions
--- a/src/application/views/appointments/book_success.php
+++ b/src/application/views/appointments/book_success.php
@ -92,6 +92,7 @@
        // ------------------------------------------------------------ ?>
    <script type="text/javascript">
        var GlobalVariables = {
+            'csrfToken'         : <?php echo json_encode($this->security->get_csrf_hash()); ?>,
            'appointmentData'   : <?php echo json_encode($appointment_data); ?>,
            'providerData'      : <?php echo json_encode($provider_data); ?>,
            'serviceData'       : <?php echo json_encode($service_data); ?>,
--- a/src/application/views/backend/calendar.php
+++ b/src/application/views/backend/calendar.php
@ -12,6 +12,7 @@
        
 <script type="text/javascript">    
    var GlobalVariables = {
+        'csrfToken'             : <?php echo json_encode($this->security->get_csrf_hash()); ?>,
        'availableProviders'    : <?php echo json_encode($available_providers); ?>,
        'availableServices'     : <?php echo json_encode($available_services); ?>,
        'baseUrl'               : <?php echo '"' . $base_url . '"'; ?>,
--- a/src/application/views/backend/customers.php
+++ b/src/application/views/backend/customers.php
@ -6,6 +6,7 @@
        
 <script type="text/javascript">    
    var GlobalVariables = {
+        'csrfToken': <?php echo json_encode($this->security->get_csrf_hash()); ?>,
        'availableProviders': <?php echo json_encode($available_providers); ?>,
        'availableServices': <?php echo json_encode($available_services); ?>,
        'baseUrl': <?php echo '"' . $base_url . '"'; ?>,
--- a/src/application/views/backend/services.php
+++ b/src/application/views/backend/services.php
@ -3,6 +3,7 @@
        
 <script type="text/javascript">    
    var GlobalVariables = {
+        'csrfToken': <?php echo json_encode($this->security->get_csrf_hash()); ?>,
        'baseUrl': <?php echo '"' . $base_url . '"'; ?>,
        'services': <?php echo json_encode($services); ?>,
        'categories': <?php echo json_encode($categories); ?>,
--- a/src/application/views/backend/settings.php
+++ b/src/application/views/backend/settings.php
@ -9,6 +9,7 @@
        
 <script type="text/javascript">    
    var GlobalVariables = {
+        'csrfToken': <?php echo json_encode($this->security->get_csrf_hash()); ?>,
        'baseUrl': <?php echo '"' . $base_url . '"'; ?>,
        'userSlug': <?php echo '"' . $role_slug . '"'; ?>,
        'settings': {
--- a/src/application/views/backend/users.php
+++ b/src/application/views/backend/users.php
@ -18,6 +18,7 @@
        
 <script type="text/javascript">    
    var GlobalVariables = {
+        'csrfToken': <?php echo json_encode($this->security->get_csrf_hash()); ?>,
        'baseUrl': <?php echo '"' . $base_url . '"'; ?>,
        'admins': <?php echo json_encode($admins); ?>,
        'providers': <?php echo json_encode($providers); ?>,
--- a/src/application/views/general/installation.php
+++ b/src/application/views/general/installation.php
@ -34,6 +34,7 @@
    
    <script type="text/javascript">
 	    var GlobalVariables = {
+            'csrfToken': <?php echo json_encode($this->security->get_csrf_hash()); ?>,
            'baseUrl': <?php echo '"' . $base_url . '"'; ?>
        };

@ -60,6 +61,7 @@
        
                var postUrl = GlobalVariables.baseUrl + '/index.php/appointments/ajax_install';
                var postData = {
+                    'csrfToken': GlobalVariables.csrfToken,
                    'admin': JSON.stringify(getAdminData()),
                    'company': JSON.stringify(getCompanyData())
                };
--- a/src/application/views/user/forgot_password.php
+++ b/src/application/views/user/forgot_password.php
@ -60,6 +60,7 @@
    <script type="text/javascript">
        $(document).ready(function() {
            var GlobalVariables = {
+                'csrfToken': <?php echo json_encode($this->security->get_csrf_hash()); ?>,
                'baseUrl': <?php echo '"' . $base_url . '"'; ?>,
                'AJAX_SUCCESS': 'SUCCESS',
                'AJAX_FAILURE': 'FAILURE'
@ -78,6 +79,7 @@
                
                var postUrl = GlobalVariables.baseUrl + '/index.php/user/ajax_forgot_password';
                var postData = {
+                    'csrfToken': GlobalVariables.csrfToken,
                    'username': $('#username').val(),
                    'email': $('#email').val()
                };
--- a/src/application/views/user/login.php
+++ b/src/application/views/user/login.php
@ -64,6 +64,7 @@
    
    <script type="text/javascript">
        var GlobalVariables = {
+            'csrfToken': <?php echo json_encode($this->security->get_csrf_hash()); ?>,
            'baseUrl': <?php echo '"' . $base_url . '"'; ?>,
            'destUrl': <?php echo '"' . $dest_url . '"'; ?>,
            'AJAX_SUCCESS': 'SUCCESS',
@ -87,6 +88,7 @@
                
                var postUrl = GlobalVariables.baseUrl + '/index.php/user/ajax_check_login';
                var postData = {
+                    'csrfToken': GlobalVariables.csrfToken,
                    'username': $('#username').val(),
                    'password': $('#password').val()
                };