Change default page for csrf error |
(07-26-2018, 04:09 PM)dave friend Wrote: If you examine the execution path as designed you find... Yes, indeed, that is what I was thinking about, but then somehow you should force the system to load your Security class instead of standard security class. And how to do that? I mean that $this->security->somefunction() must call your new instantiated My_Security class which variable/instance must have name $security. How to do that without hacking the framework? This string instantiates this class: $SEC =& load_class('Security', 'core'); With hacking the framework we can rename the original class into Security_original and then create our class called Security extends Security_original, and this class will contain the functions which in case of CSRF attack will (for example) load page with logging asking to relogin again. |
Messages In This Thread |
Change default page for csrf error - by anthos1984 - 07-19-2018, 05:33 PM
RE: Change default page for csrf error - by php_rocs - 07-20-2018, 05:35 AM
RE: Change default page for csrf error - by dave friend - 07-26-2018, 04:09 PM
RE: Change default page for csrf error - by anthos1984 - 07-28-2018, 12:19 AM
RE: Change default page for csrf error - by Ivankvkharkiv - 08-18-2020, 10:30 AM
|