checkCsrfForm() knows this is the confirmation post so it will allow the * action to be performed instead of displaying the confirmation form * - Set mode=get to return token only with no HTML. Used with links that lead to state-changing * actions where the confirmSimple() onclick method is used to generate a confirmation form * with the token * @param $smarty Smarty_Internal_Template * @return string * @throws Exception */ function smarty_function_ticket($params, $smarty) { // Redefining the $smarty variable seems to be necessary in some cases (e.g., with ajax services) in order for a // ticket that has been set in $access->setTicket() to be retrievable using the $smarty->getTemplateVars() method $smarty = TikiLib::lib('smarty'); if (empty($smarty->getTemplateVars('ticket'))) { TikiLib::lib('access')->setTicket(); } if (isset($params['mode']) && $params['mode'] === 'get') { return urlencode($smarty->getTemplateVars('ticket')); } else { $ret = ''; if (isset($params['mode']) && $params['mode'] === 'confirm') { $ret .= ''; } return $ret; } }