Skip to content

icms_core_Security

Raimondas Rimkevičius edited this page Mar 9, 2020 · 1 revision
Notice: Wiki was automatic generated from project sources as project API documentation. Do not edit manually!

icms_core_Security

Class for managing security aspects such as checking referers, applying tokens and checking global variables for contamination

  • Class name: icms_core_Security
  • Namespace:

Properties

$errors

public mixed $errors = array()
  • Visibility: public

Methods

__construct

mixed icms_core_Security::__construct()

Constructor

  • Visibility: public

check

bool icms_core_Security::check(bool clearIfValid, string token, string name)

Check if there is a valid token in $_REQUEST[$name . '_REQUEST'] - can be expanded for more wide use, later (Mith)

  • Visibility: public

Arguments

  • clearIfValid bool - <p>whether to clear the token after validation</p>
  • token string - <p>token to validate</p>
  • name string - <p>session name</p>

validateToken

bool icms_core_Security::validateToken(string|bool token, bool clearIfValid, string name)

Check if a token is valid. If no token is specified, $_REQUEST[$name . '_REQUEST'] is checked

  • Visibility: public

Arguments

  • token string|bool - <p>token to validate</p>
  • clearIfValid bool - <p>whether to clear the token value if valid</p>
  • name string - <p>session name to validate</p>

filterToken

bool icms_core_Security::filterToken(string token)

Check whether a token value is expired or not

  • Visibility: public

Arguments

  • token string

garbageCollection

void icms_core_Security::garbageCollection(string name)

Perform garbage collection, clearing expired tokens

  • Visibility: public

Arguments

  • name string - <p>session name</p>

createToken

string icms_core_Security::createToken(int timeout, string name)

Create a token in the user's session

  • Visibility: public

Arguments

  • timeout int - <p>time in seconds the token should be valid</p>
  • name string - <p>session name</p>

clearTokens

mixed icms_core_Security::clearTokens(string name)

Clear all token values from user's session

  • Visibility: public

Arguments

  • name string - <p>session name</p>

checkReferer

bool icms_core_Security::checkReferer(int docheck)

Check the user agent's HTTP REFERER against ICMS_URL

  • Visibility: public

Arguments

  • docheck int - <p>0 to not check the referer (used with XML-RPC), 1 to actively check it</p>

checkSuperglobals

void icms_core_Security::checkSuperglobals()

Check superglobals for contamination

  • Visibility: public

checkBadips

void icms_core_Security::checkBadips()

Check if visitor's IP address is banned

  • Visibility: public

getTokenHTML

string icms_core_Security::getTokenHTML(string name)

Get the HTML code for a token

  • Visibility: public

Arguments

  • name string - <p>Token field name</p>

getErrors

array|string icms_core_Security::getErrors(bool ashtml)

Get generated errors

  • Visibility: public

Arguments

  • ashtml bool - <p>Format using HTML?</p>

setErrors

mixed icms_core_Security::setErrors(string error)

Add an error

  • Visibility: public

Arguments

  • error string
Clone this wiki locally