x

Main chapters

  1. LimeSurvey Cloud vs LimeSurvey CE
  2. LimeSurvey Cloud - Quick start guide
  3. LimeSurvey CE - Installation
  4. How to design a good survey (Guide)
  5. Getting started
  6. LimeSurvey configuration
  7. Introduction - Surveys
  8. View survey settings
  9. View survey menu
  10. View survey structure
  11. Introduction - Questions
  12. Introduction - Question Groups
  13. Introduction - Surveys - Management
  14. Survey toolbar options
  15. Multilingual survey
  16. Quick start guide - ExpressionScript
  17. Advanced features
  18. General FAQ
  19. Troubleshooting
  20. Workarounds
  21. License
  22. Version change log
  23. Plugins - Advanced
 Actions

BeforeUrlCheck: Difference between revisions

From LimeSurvey Manual

← Older edit
No edit summary
No edit summary
 
Line 1: Line 1:
{{FeatureStarting|3.0.0}}  
{{FeatureStarting|4.0.0}}  


'''When'''
'''When'''

Latest revision as of 11:45, 5 September 2018

 Hint: This features is available starting in version 4.0.0


When

This event is fired when a request is posted to LimeSurvey that needs to be tested for CSRF compatibility

Input

The event receives the following information:

Name Type Description
routes array The routes where CSRF check is disabled for
params array The parameters where the CSRF check is disabled for


Possible output

The default values in csrf disabled routes are: 

- 'remotecontrol',
- 'plugins/unsecure'

Example 

        $oEvent = $this->getEvent();
        $aParams = $oEvent->get('params');
        $aRoutes = $oEvent->get('routes');

        $aParams['unsaferequestparamkey'] = 'unsaferequestparamvalue' ;
        $aRoutes[] = 'admin/unsaferouteineed';

        $oEvent->set('params', $aParams);
        $oEvent->set('routes', $aRoutes);
Retrieved from "http://www.limesurvey.org/manual/index.php?title=BeforeUrlCheck&oldid=124263"