PHP Class Airship\Engine\Security\CSRF

Open project: paragonie/airship

Protected Properties

| Property | Type | Description |
|---|---|---|
| $expireOld | boolean | |
| $hmacIP | | Default to FALSE to be friendly to Tor/Mobile users |
| $recycleAfter | integer | |
| $sessionIndex | string | |

Public Methods

| Method | Description |
|---|---|
| __construct ( array $options = [] ) | CSRF constructor. |
| check ( ) : boolean | Validate a request based on $_SESSION and $_POST data |
| getTokenString ( string $lockTo = '' ) : string | Retrieve a token array for unit testing endpoints |
| insertToken ( string $lockTo = '', boolean $echo = true ) : string | Insert a CSRF token to a form |
| reconfigure ( array $options = [] ) | Use this to change the configuration settings. |

Protected Methods

| Method | Description |
|---|---|
| generateToken ( string $lockTo = '' ) : array | Generate, store, and return the index and token |
| recycleTokens ( ) | Enforce an upper limit on the number of tokens stored in session state by removing the oldest tokens first. |

Method Details

__construct() public method

CSRF constructor.
public __construct ( array $options = [] )
$options array

check() public method

Validate a request based on $_SESSION and $_POST data
public check ( ) : boolean
return boolean

generateToken() protected method

Generate, store, and return the index and token
protected generateToken ( string $lockTo = '' ) : array
$lockTo string What URI endpoint this is valid for
return array [string, string]

getTokenString() public method

Retrieve a token array for unit testing endpoints
public getTokenString ( string $lockTo = '' ) : string
$lockTo string - Only get tokens locked to a particular form
return string

insertToken() public method

Insert a CSRF token to a form
public insertToken ( string $lockTo = '', boolean $echo = true ) : string
$lockTo string This CSRF token is only valid for this HTTP request endpoint
$echo boolean if true, echo instead of returning
return string

reconfigure() public method

Only use this if you know what you are doing.
public reconfigure ( array $options = [] )
$options array

recycleTokens() protected method

Enforce an upper limit on the number of tokens stored in session state by removing the oldest tokens first.
protected recycleTokens ( )

Property Details

$expireOld protected property

protected bool $expireOld
return boolean

$hmacIP protected property

Default to FALSE to be friendly to Tor/Mobile users
protected $hmacIP

$recycleAfter protected property

protected int $recycleAfter
return integer

$sessionIndex protected property

protected string $sessionIndex
return string