XOOPS  2.6.0
Xoops\Core\Security Class Reference
Inheritance diagram for Xoops\Core\Security:
Inheritance graph

Public Member Functions

 check ($clearIfValid=true, $token=false, $name= 'XOOPS_TOKEN')
 
 checkBadips ()
 
 checkReferer ($docheck=1)
 
 clearTokens ($name= 'XOOPS_TOKEN')
 
 createToken ($timeout=300, $name= 'XOOPS_TOKEN')
 
 filterToken ($token)
 
 garbageCollection ($name= 'XOOPS_TOKEN')
 
 getErrors ($ashtml=false)
 
 getTokenHTML ($name= 'XOOPS_TOKEN')
 
 setErrors ($error)
 
 validateToken ($token=false, $clearIfValid=true, $name= 'XOOPS_TOKEN')
 

Private Attributes

 $errors = array()
 

Detailed Description

Definition at line 26 of file Security.php.

Member Function Documentation

Xoops\Core\Security::check (   $clearIfValid = true,
  $token = false,
  $name = 'XOOPS_TOKEN' 
)

Check if there is a valid token in $_REQUEST[$name . '_REQUEST']

Parameters
bool$clearIfValidwhether to clear the token after validation
bool$tokentoken to validate
string$namename of session variable
Returns
bool

Definition at line 39 of file Security.php.

References $name, and Xoops\Core\Security\validateToken().

Here is the call graph for this function:

Xoops\Core\Security::checkBadips ( )

Check if visitor's IP address is banned Should be changed to return bool and let the action be up to the calling script

Returns
void

Definition at line 184 of file Security.php.

References $_SERVER, $xoops, exit, and Xoops\getInstance().

Here is the call graph for this function:

Xoops\Core\Security::checkReferer (   $docheck = 1)

Check the user agent's HTTP REFERER against XOOPS_URL

Parameters
int$docheck0 to not check the referer (used with XML-RPC), 1 to actively check it
Returns
bool

Definition at line 163 of file Security.php.

References XoopsBaseConfig\get(), and Xoops\getInstance().

Here is the call graph for this function:

Xoops\Core\Security::clearTokens (   $name = 'XOOPS_TOKEN')

Clear all token values from user's session

Parameters
string$namesession name
Returns
void

Definition at line 124 of file Security.php.

References $_SESSION, and $name.

Xoops\Core\Security::createToken (   $timeout = 300,
  $name = 'XOOPS_TOKEN' 
)

Create a token in the user's session

Parameters
int$timeouttime in seconds the token should be valid
string$namename of session variable
Returns
string token value

Definition at line 52 of file Security.php.

References $_SESSION, $name, Xoops\Core\Security\garbageCollection(), and Xoops\Core\Random\generateOneTimeToken().

Here is the call graph for this function:

Xoops\Core\Security::filterToken (   $token)

Check whether a token value is expired or not

Parameters
string$tokentoken
Returns
bool

Definition at line 136 of file Security.php.

Referenced by Xoops\Core\Security\validateToken().

Here is the caller graph for this function:

Xoops\Core\Security::garbageCollection (   $name = 'XOOPS_TOKEN')

Perform garbage collection, clearing expired tokens

Parameters
string$namesession name
Returns
void

Definition at line 148 of file Security.php.

References $_SESSION, and $name.

Referenced by Xoops\Core\Security\createToken(), and Xoops\Core\Security\validateToken().

Here is the caller graph for this function:

Xoops\Core\Security::getErrors (   $ashtml = false)

Get generated errors

Parameters
bool$ashtmlFormat using HTML?
Returns
array|string Array of array messages OR HTML string

Definition at line 232 of file Security.php.

References Xoops\Core\Security\$errors.

Xoops\Core\Security::getTokenHTML (   $name = 'XOOPS_TOKEN')

Get the HTML code for a Xoops object - provides a hidden token field used in forms that do not use Xoops elements

Parameters
string$namesession token name
Returns
string

Definition at line 207 of file Security.php.

References $name.

Xoops\Core\Security::setErrors (   $error)

Add an error

Parameters
string$errormessage
Returns
void

Definition at line 220 of file Security.php.

References $error.

Referenced by Xoops\Core\Security\validateToken().

Here is the caller graph for this function:

Xoops\Core\Security::validateToken (   $token = false,
  $clearIfValid = true,
  $name = 'XOOPS_TOKEN' 
)

Check if a token is valid. If no token is specified, $_REQUEST[$name . '_REQUEST'] is checked

Parameters
string | bool$tokentoken to validate
bool$clearIfValidwhether to clear the token value if valid
string$namesession name to validate
Returns
bool

Definition at line 77 of file Security.php.

References $_SESSION, $i, $name, Xoops\Core\Security\filterToken(), Xoops\Core\Security\garbageCollection(), Xoops\getInstance(), and Xoops\Core\Security\setErrors().

Referenced by Xoops\Core\Security\check().

Here is the call graph for this function:

Here is the caller graph for this function:

Member Data Documentation

Xoops\Core\Security::$errors = array()
private

Definition at line 28 of file Security.php.

Referenced by Xoops\Core\Security\getErrors().


The documentation for this class was generated from the following file: