Class XoopsSecurity
Methods | ||||||||
---|---|---|---|---|---|---|---|---|
public
|
check(bool $clearIfValid = true, string|false $token = false, string $name = 'XOOPS_TOKEN'): bool
Check if there is a valid token in $_REQUEST[$name . '_REQUEST'] - can be expanded for more wide use, later (Mith)
Check if there is a valid token in $_REQUEST[$name . '_REQUEST'] - can be expanded for more wide use, later (Mith) Parameters
|
# | ||||||
public
|
createToken(int|string $timeout = 0, string $name = 'XOOPS_TOKEN'): string
Create a token in the user's session
Create a token in the user's session Parameters
Returnstoken value |
# | ||||||
public
|
validateToken(string|false $token = false, bool $clearIfValid = true, string $name = 'XOOPS_TOKEN'): bool
Check if a token is valid. If no token is specified, $_REQUEST[$name . '_REQUEST'] is checked
Check if a token is valid. If no token is specified, $_REQUEST[$name . '_REQUEST'] is checked Parameters
|
# | ||||||
public
|
clearTokens(string $name = 'XOOPS_TOKEN'): void
Clear all token values from user's session
Clear all token values from user's session Parameters
|
# | ||||||
public
|
filterToken(string $token): bool
Check whether a token value is expired or not
Check whether a token value is expired or not Parameters
|
# | ||||||
public
|
garbageCollection(string $name = 'XOOPS_TOKEN'): void
Perform garbage collection, clearing expired tokens
Perform garbage collection, clearing expired tokens Parameters
|
# | ||||||
public
|
checkReferer(int $docheck = 1): bool
Check the user agent's HTTP REFERER against XOOPS_URL
Check the user agent's HTTP REFERER against XOOPS_URL Parameters
|
# | ||||||
public
|
checkSuperglobals(): void
Check superglobals for contamination
Check superglobals for contamination |
# | ||||||
public
|
checkBadips(): void
Check if visitor's IP address is banned
Should be changed to return bool and let the action be up to the calling script
Check if visitor's IP address is banned Should be changed to return bool and let the action be up to the calling script |
# | ||||||
public
|
getTokenHTML(string $name = 'XOOPS_TOKEN'): string
Get the HTML code for a XoopsFormHiddenToken object - used in forms that do not use XoopsForm elements
Get the HTML code for a XoopsFormHiddenToken object - used in forms that do not use XoopsForm elements Parameters
|
# | ||||||
public
|
setErrors(string $error): void
Add an error
Add an error Parameters
|
# | ||||||
public
&
|
getErrors(bool $ashtml = false): array|string
Get generated errors
Get generated errors Parameters
ReturnsArray of array messages OR HTML string |
# |
Properties | |||
---|---|---|---|
public
|
|
$errors = []
|
# |