Jump to content

Protect ajax/cron files a unique and secured token - Prestashop 1.7


Recommended Posts

How protect file with a unique and secured token?

 

For example my file - ajax.php

 

include_once(dirname(__FILE__) . '/../../config/config.inc.php');
include_once(dirname(__FILE__) . '/../../init.php');
include_once(_PS_MODULE_DIR_.'bonnewsletter/classes/ClassNewsletter.php');

if (Tools::getValue('ajax') == 1) {
    $email = pSQL(trim(Tools::getValue('bon_newsletter_email', '')));
    $check = ClassNewsletter::isNewsletterRegistered($email);
    if (Tools::isEmpty($email) || !Validate::isEmail($email)) {
        die(Tools::jsonEncode(array('success' => 3, 'error' => 'Invalid email address.')));
    } else {
        if ($check > 0) {
            die(Tools::jsonEncode(array('success' => 1, 'error' => 'This email address is already registered.')));
        } else {
            if (!ClassNewsletter::isRegistered($check)) {
                if (Configuration::get('NW_VERIFICATION_EMAIL')) {
                    if ($check == ClassNewsletter::GUEST_NOT_REGISTERED) {
                        ClassNewsletter::registerGuest($email, false);
                    }
                } else {
                    ClassNewsletter::register($email, $check);
                }
                die(Tools::jsonEncode(array('success' => 0, 'error' => 'You have successfully subscribed to this newsletter.')));
            }
        }
    }
}

 

For any ideas, thank you very much!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

Cookies ensure the smooth running of our services. Using these, you accept the use of cookies. Learn More