XOOPS 2.5.6
Final
|
Public Member Functions | |
check ($clearIfValid=true, $token=false, $name= 'XOOPS_TOKEN') | |
checkBadips () | |
checkReferer ($docheck=1) | |
checkSuperglobals () | |
clearTokens ($name= 'XOOPS_TOKEN') | |
createToken ($timeout=0, $name= 'XOOPS_TOKEN') | |
filterToken ($token) | |
garbageCollection ($name= 'XOOPS_TOKEN') | |
& | getErrors ($ashtml=false) |
getTokenHTML ($name= 'XOOPS_TOKEN') | |
setErrors ($error) | |
validateToken ($token=false, $clearIfValid=true, $name= 'XOOPS_TOKEN') | |
XoopsSecurity () | |
Public Attributes | |
$errors = array() | |
Definition at line 21 of file xoopssecurity.php.
Check if there is a valid token in $_REQUEST[$name . '_REQUEST'] - can be expanded for more wide use, later (Mith)
bool | $clearIfValid | whether to clear the token after validation |
string | $token | token to validate |
string | $name | session name |
Definition at line 42 of file xoopssecurity.php.
References $token.
XoopsSecurity::checkBadips | ( | ) |
Check if visitor's IP address is banned Should be changed to return bool and let the action be up to the calling script
Definition at line 222 of file xoopssecurity.php.
References $_SERVER, $bad_ips, $xoopsConfig, and exit.
XoopsSecurity::checkReferer | ( | $docheck = 1 | ) |
Check the user agent's HTTP REFERER against XOOPS_URL
int | $docheck | 0 to not check the referer (used with XML-RPC), 1 to actively check it |
Definition at line 160 of file xoopssecurity.php.
References xoops_getenv().
XoopsSecurity::checkSuperglobals | ( | ) |
XoopsSecurity::clearTokens | ( | $name = 'XOOPS_TOKEN' | ) |
Clear all token values from user's session
string | $name | session name |
Definition at line 121 of file xoopssecurity.php.
References $_SESSION.
XoopsSecurity::createToken | ( | $timeout = 0 , |
|
$name = 'XOOPS_TOKEN' |
|||
) |
Create a token in the user's session
int | $timeout | time in seconds the token should be valid |
string | $name | session name |
Definition at line 55 of file xoopssecurity.php.
References $_SERVER, $_SESSION, and XOOPS_DB_PREFIX.
XoopsSecurity::filterToken | ( | $token | ) |
Check whether a token value is expired or not
string | $token |
Definition at line 133 of file xoopssecurity.php.
References $token.
XoopsSecurity::garbageCollection | ( | $name = 'XOOPS_TOKEN' | ) |
Perform garbage collection, clearing expired tokens
string | $name | session name |
Definition at line 145 of file xoopssecurity.php.
References $_SESSION.
& XoopsSecurity::getErrors | ( | $ashtml = false | ) |
Get generated errors
bool | $ashtml | Format using HTML? |
Definition at line 266 of file xoopssecurity.php.
XoopsSecurity::getTokenHTML | ( | $name = 'XOOPS_TOKEN' | ) |
Get the HTML code for a XoopsFormHiddenToken object - used in forms that do not use XoopsForm elements
Definition at line 242 of file xoopssecurity.php.
References $token.
XoopsSecurity::setErrors | ( | $error | ) |
Add an error
string | $error |
Definition at line 254 of file xoopssecurity.php.
References $error.
Check if a token is valid. If no token is specified, $_REQUEST[$name . '_REQUEST'] is checked
string | $token | token to validate |
bool | $clearIfValid | whether to clear the token value if valid |
string | $name | session name to validate |
Definition at line 83 of file xoopssecurity.php.
References $_REQUEST, $_SERVER, $_SESSION, $i, $token, $xoopsLogger, and XOOPS_DB_PREFIX.
XoopsSecurity::XoopsSecurity | ( | ) |
Constructor
Definition at line 29 of file xoopssecurity.php.
XoopsSecurity::$errors = array() |
Definition at line 23 of file xoopssecurity.php.