XOOPS
2.6.0
|
Public Member Functions | |
check ($clearIfValid=true, $token=false, $name= 'XOOPS_TOKEN') | |
checkBadips () | |
checkReferer ($docheck=1) | |
clearTokens ($name= 'XOOPS_TOKEN') | |
createToken ($timeout=300, $name= 'XOOPS_TOKEN') | |
filterToken ($token) | |
garbageCollection ($name= 'XOOPS_TOKEN') | |
getErrors ($ashtml=false) | |
getTokenHTML ($name= 'XOOPS_TOKEN') | |
setErrors ($error) | |
validateToken ($token=false, $clearIfValid=true, $name= 'XOOPS_TOKEN') | |
Private Attributes | |
$errors = array() | |
Definition at line 26 of file Security.php.
Check if there is a valid token in $_REQUEST[$name . '_REQUEST']
bool | $clearIfValid | whether to clear the token after validation |
bool | $token | token to validate |
string | $name | name of session variable |
Definition at line 39 of file Security.php.
References $name, and Xoops\Core\Security\validateToken().
Xoops\Core\Security::checkBadips | ( | ) |
Check if visitor's IP address is banned Should be changed to return bool and let the action be up to the calling script
Definition at line 184 of file Security.php.
References $_SERVER, $xoops, exit, and Xoops\getInstance().
Xoops\Core\Security::checkReferer | ( | $docheck = 1 | ) |
Check the user agent's HTTP REFERER against XOOPS_URL
int | $docheck | 0 to not check the referer (used with XML-RPC), 1 to actively check it |
Definition at line 163 of file Security.php.
References XoopsBaseConfig\get(), and Xoops\getInstance().
Xoops\Core\Security::clearTokens | ( | $name = 'XOOPS_TOKEN' | ) |
Clear all token values from user's session
string | $name | session name |
Definition at line 124 of file Security.php.
Xoops\Core\Security::createToken | ( | $timeout = 300 , |
|
$name = 'XOOPS_TOKEN' |
|||
) |
Create a token in the user's session
int | $timeout | time in seconds the token should be valid |
string | $name | name of session variable |
Definition at line 52 of file Security.php.
References $_SESSION, $name, Xoops\Core\Security\garbageCollection(), and Xoops\Core\Random\generateOneTimeToken().
Xoops\Core\Security::filterToken | ( | $token | ) |
Check whether a token value is expired or not
string | $token | token |
Definition at line 136 of file Security.php.
Referenced by Xoops\Core\Security\validateToken().
Xoops\Core\Security::garbageCollection | ( | $name = 'XOOPS_TOKEN' | ) |
Perform garbage collection, clearing expired tokens
string | $name | session name |
Definition at line 148 of file Security.php.
References $_SESSION, and $name.
Referenced by Xoops\Core\Security\createToken(), and Xoops\Core\Security\validateToken().
Xoops\Core\Security::getErrors | ( | $ashtml = false | ) |
Get generated errors
bool | $ashtml | Format using HTML? |
Definition at line 232 of file Security.php.
References Xoops\Core\Security\$errors.
Xoops\Core\Security::getTokenHTML | ( | $name = 'XOOPS_TOKEN' | ) |
Get the HTML code for a Xoops object - provides a hidden token field used in forms that do not use Xoops elements
string | $name | session token name |
Definition at line 207 of file Security.php.
References $name.
Xoops\Core\Security::setErrors | ( | $error | ) |
Add an error
string | $error | message |
Definition at line 220 of file Security.php.
References $error.
Referenced by Xoops\Core\Security\validateToken().
Check if a token is valid. If no token is specified, $_REQUEST[$name . '_REQUEST'] is checked
string | bool | $token | token to validate |
bool | $clearIfValid | whether to clear the token value if valid |
string | $name | session name to validate |
Definition at line 77 of file Security.php.
References $_SESSION, $i, $name, Xoops\Core\Security\filterToken(), Xoops\Core\Security\garbageCollection(), Xoops\getInstance(), and Xoops\Core\Security\setErrors().
Referenced by Xoops\Core\Security\check().
|
private |
Definition at line 28 of file Security.php.
Referenced by Xoops\Core\Security\getErrors().