PHP Class SecurityComponent, miniPHP

Long description for file

Inheritance: extends Object

Show file Open project: omarelgabry/miniphp

Protected Properties

Property	Type	Description
$config	array	Default configurations

Public Methods

Method	Description
CsrfToken ( array $config = [] ) : boolean	validate CSRF token CSRF token can be passed with submitted forms and links associated with sensitive server-side operations.
form ( array $config ) : boolean	validate submitted form - Unknown fields cannot be added to the form.
requireAjax ( array $actions = [] )	Sets the actions that require a Ajax request
requireGet ( array $actions = [] )	Sets the actions that require a GET request
requirePost ( array $actions = [] )	Sets the actions that require a POST request
requireSecure ( array $actions = [] )	Sets the actions that require secured connection(SSL)
startup ( )	Auth startup All security checking are done in this method

Private Methods

Method	Description
invalidRequest ( string \| null $callback = null ) : mixed	Handles invalid request with a 400 Bad Request Error If no callback is specified.
requestRequired ( ) : boolean	Check & validate from the required HTTP methods, like: Post, Ajax, Get
secureRequired ( ) : boolean	Check & validate if secured connection is required.
validateDomain ( ) : boolean	Check & validate if request is coming from the same domain; if equals to $this->request->host() HTTP referer tells the domain where the request came from.

Method Details

CsrfToken() public method

In case of GET request, you need to set 'validateCsrfToken' in $config to true.

public CsrfToken ( array $config = [] ) : boolean
$config	array	configuration data
return	boolean

form() public method

- Fields cannot be removed from the form. Use $exclude to exclude anything mightn't be sent with the form, like possible empty arrays, checkboxes, radio buttons, ...etc. By default, the submit field will be excluded.

public form ( array $config ) : boolean
$config	array	configuration data
return	boolean

requireAjax() public method

Sets the actions that require a Ajax request

public requireAjax ( array $actions = [] )
$actions	array

requireGet() public method

Sets the actions that require a GET request

public requireGet ( array $actions = [] )
$actions	array

requirePost() public method

Sets the actions that require a POST request

public requirePost ( array $actions = [] )
$actions	array

requireSecure() public method

Sets the actions that require secured connection(SSL)

public requireSecure ( array $actions = [] )
$actions	array

startup() public method

Auth startup All security checking are done in this method

public startup ( )

Property Details

$config protected property

Default configurations

protected array $config
return	array