XOOPS 2.5.6  Final
 All Classes Namespaces Files Functions Variables Pages
XoopsSecurity Class Reference

Public Member Functions

 check ($clearIfValid=true, $token=false, $name= 'XOOPS_TOKEN')
 
 checkBadips ()
 
 checkReferer ($docheck=1)
 
 checkSuperglobals ()
 
 clearTokens ($name= 'XOOPS_TOKEN')
 
 createToken ($timeout=0, $name= 'XOOPS_TOKEN')
 
 filterToken ($token)
 
 garbageCollection ($name= 'XOOPS_TOKEN')
 
getErrors ($ashtml=false)
 
 getTokenHTML ($name= 'XOOPS_TOKEN')
 
 setErrors ($error)
 
 validateToken ($token=false, $clearIfValid=true, $name= 'XOOPS_TOKEN')
 
 XoopsSecurity ()
 

Public Attributes

 $errors = array()
 

Detailed Description

Definition at line 21 of file xoopssecurity.php.

Member Function Documentation

XoopsSecurity::check (   $clearIfValid = true,
  $token = false,
  $name = 'XOOPS_TOKEN' 
)

Check if there is a valid token in $_REQUEST[$name . '_REQUEST'] - can be expanded for more wide use, later (Mith)

Parameters
bool$clearIfValidwhether to clear the token after validation
string$tokentoken to validate
string$namesession name
Returns
bool

Definition at line 42 of file xoopssecurity.php.

References $token.

XoopsSecurity::checkBadips ( )

Check if visitor's IP address is banned Should be changed to return bool and let the action be up to the calling script

Returns
void

Definition at line 222 of file xoopssecurity.php.

References $_SERVER, $bad_ips, $xoopsConfig, and exit.

XoopsSecurity::checkReferer (   $docheck = 1)

Check the user agent's HTTP REFERER against XOOPS_URL

Parameters
int$docheck0 to not check the referer (used with XML-RPC), 1 to actively check it
Returns
bool

Definition at line 160 of file xoopssecurity.php.

References xoops_getenv().

Here is the call graph for this function:

XoopsSecurity::checkSuperglobals ( )

Check superglobals for contamination

Returns
void

Definition at line 180 of file xoopssecurity.php.

References $_REQUEST, and exit.

XoopsSecurity::clearTokens (   $name = 'XOOPS_TOKEN')

Clear all token values from user's session

Parameters
string$namesession name

Definition at line 121 of file xoopssecurity.php.

References $_SESSION.

XoopsSecurity::createToken (   $timeout = 0,
  $name = 'XOOPS_TOKEN' 
)

Create a token in the user's session

Parameters
int$timeouttime in seconds the token should be valid
string$namesession name
Returns
string token value

Definition at line 55 of file xoopssecurity.php.

References $_SERVER, $_SESSION, and XOOPS_DB_PREFIX.

XoopsSecurity::filterToken (   $token)

Check whether a token value is expired or not

Parameters
string$token
Returns
bool

Definition at line 133 of file xoopssecurity.php.

References $token.

XoopsSecurity::garbageCollection (   $name = 'XOOPS_TOKEN')

Perform garbage collection, clearing expired tokens

Parameters
string$namesession name
Returns
void

Definition at line 145 of file xoopssecurity.php.

References $_SESSION.

& XoopsSecurity::getErrors (   $ashtml = false)

Get generated errors

Parameters
bool$ashtmlFormat using HTML?
Returns
array|string Array of array messages OR HTML string

Definition at line 266 of file xoopssecurity.php.

References $error, $errors, and $ret.

XoopsSecurity::getTokenHTML (   $name = 'XOOPS_TOKEN')

Get the HTML code for a XoopsFormHiddenToken object - used in forms that do not use XoopsForm elements

Returns
string

Definition at line 242 of file xoopssecurity.php.

References $token.

XoopsSecurity::setErrors (   $error)

Add an error

Parameters
string$error

Definition at line 254 of file xoopssecurity.php.

References $error.

XoopsSecurity::validateToken (   $token = false,
  $clearIfValid = true,
  $name = 'XOOPS_TOKEN' 
)

Check if a token is valid. If no token is specified, $_REQUEST[$name . '_REQUEST'] is checked

Parameters
string$tokentoken to validate
bool$clearIfValidwhether to clear the token value if valid
string$namesession name to validate
Returns
bool

Definition at line 83 of file xoopssecurity.php.

References $_REQUEST, $_SERVER, $_SESSION, $i, $token, $xoopsLogger, and XOOPS_DB_PREFIX.

XoopsSecurity::XoopsSecurity ( )

Constructor

Definition at line 29 of file xoopssecurity.php.

Member Data Documentation

XoopsSecurity::$errors = array()

Definition at line 23 of file xoopssecurity.php.


The documentation for this class was generated from the following file: