7 years ago · a828d5c409
--- a/examples/client_auth.php
+++ b/examples/client_auth.php
@@ -3,18 +3,21 @@ require "../lib/php_crud_api_transform.php";
 
				
				 
			
 
				
				 $cookiejar = tempnam(sys_get_temp_dir(), 'cookiejar-');
			
 
				
				 
			
 
				
				-function call($method, $url, $data = false) {
			
 
				
				+function call($method, $url, $data = false, $csrf = false) {
			
 
				
				 	global $cookiejar;
			
 
				
				 	$ch = curl_init();
			
 
				
				 	curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $method);
			
 
				
				 	curl_setopt($ch, CURLOPT_URL, $url);
			
 
				
				+	$headers = array();
			
 
				
				 	if ($data) {
			
 
				
				 		curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
			
 
				
				-		$headers = array();
			
 
				
				 		$headers[] = 'Content-Type: application/json';
			
 
				
				 		$headers[] = 'Content-Length: ' . strlen($data);
			
 
				
				-		curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
			
 
				
				 	}
			
 
				
				+	if ($csrf) {
			
 
				
				+		$headers[] = 'X-XSRF-TOKEN: ' . $csrf;
			
 
				
				+	}
			
 
				
				+	curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
			
 
				
				 	curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
			
 
				
				 
			
 
				
				 	curl_setopt($ch, CURLOPT_COOKIEJAR, $cookiejar);
			
@@ -25,7 +28,7 @@ function call($method, $url, $data = false) {
 
				
				 
			
 
				
				 // in case you are using php-api-auth:
			
 
				
				 $csrf = json_decode(call('POST','http://localhost/api.php/', 'username=admin&password=admin'));
			
 
				
				-$response = call('GET','http://localhost/api.php/posts?include=categories,tags,comments&filter=id,eq,1&csrf='. $csrf);
			
 
				
				+$response = call('GET','http://localhost/api.php/posts?include=categories,tags,comments&filter=id,eq,1', false, $csrf);
			
 
				
				 
			
 
				
				 unlink($cookiejar);