Public Member Functions
	check ($clearIfValid=true, $token=false, $name='XOOPS_TOKEN')

	createToken ($timeout=0, $name='XOOPS_TOKEN')

	validateToken ($token=false, $clearIfValid=true, $name='XOOPS_TOKEN')

	clearTokens ($name='XOOPS_TOKEN')

	filterToken ($token)

	garbageCollection ($name='XOOPS_TOKEN')

	checkReferer ($docheck=1)

	checkSuperglobals ()

	checkBadips ()

	getTokenHTML ($name='XOOPS_TOKEN')

	setErrors ($error)

&	getErrors ($ashtml=false)

Data Fields
	$errors = array()

Detailed Description

Class XoopsSecurity

Member Function Documentation

◆ check()

check	(	$clearIfValid = `true`,
		$token = `false`,
		$name = `'XOOPS_TOKEN'`
	)

Check if there is a valid token in $_REQUEST[$name . '_REQUEST'] - can be expanded for more wide use, later (Mith)

Parameters

bool	$clearIfValid	whether to clear the token after validation
string \| false	$token	token to validate
string	$name	name of session variable

Returns: bool

Here is the call graph for this function:

◆ checkBadips()

checkBadips ( )

Check if visitor's IP address is banned Should be changed to return bool and let the action be up to the calling script

Returns: void

◆ checkReferer()

checkReferer ( $docheck = 1 )

Check the user agent's HTTP REFERER against XOOPS_URL

Parameters

int $docheck 0 to not check the referer (used with XML-RPC), 1 to actively check it

Returns: bool

Here is the call graph for this function:

◆ checkSuperglobals()

checkSuperglobals ( )

Check superglobals for contamination

Returns: void

◆ clearTokens()

clearTokens ( $name = 'XOOPS_TOKEN' )

Clear all token values from user's session

Parameters

string $name session name

Returns: void

◆ createToken()

createToken	(	$timeout = `0`,
		$name = `'XOOPS_TOKEN'`
	)

Create a token in the user's session

Parameters

int \| string	$timeout	time in seconds the token should be valid
string	$name	name of session variable

Returns: string token value

Here is the call graph for this function:

◆ filterToken()

filterToken ( $token )

Check whether a token value is expired or not

Parameters

string $token token

Returns: bool

Here is the caller graph for this function:

◆ garbageCollection()

garbageCollection ( $name = 'XOOPS_TOKEN' )

Perform garbage collection, clearing expired tokens

Parameters

string $name session name

Returns: void

Here is the caller graph for this function:

◆ getErrors()

& getErrors ( $ashtml = false )

Get generated errors

Parameters

bool $ashtml Format using HTML?

Returns: array|string Array of array messages OR HTML string

◆ getTokenHTML()

getTokenHTML ( $name = 'XOOPS_TOKEN' )

Get the HTML code for a XoopsFormHiddenToken object - used in forms that do not use XoopsForm elements

Parameters

string $name session token name

Returns: string

◆ setErrors()

setErrors ( $error )

Add an error

Parameters

string $error message

Returns: void

Here is the caller graph for this function:

◆ validateToken()

validateToken	(	$token = `false`,
		$clearIfValid = `true`,
		$name = `'XOOPS_TOKEN'`
	)

Check if a token is valid. If no token is specified, $_REQUEST[$name . '_REQUEST'] is checked

Parameters

string \| false	$token	token to validate
bool	$clearIfValid	whether to clear the token value if valid
string	$name	session name to validate

Returns: bool

Here is the call graph for this function:

Here is the caller graph for this function:

Field Documentation

◆ $errors

$errors = array()

The documentation for this class was generated from the following file:

C:/xoops2511b2/htdocs/class/xoopssecurity.php

Public Member Functions

Data Fields

Detailed Description

Member Function Documentation

◆ check()

◆ checkBadips()

◆ checkReferer()

◆ checkSuperglobals()

◆ clearTokens()

◆ createToken()

◆ filterToken()

◆ garbageCollection()

◆ getErrors()

◆ getTokenHTML()

◆ setErrors()

◆ validateToken()

Field Documentation

◆ $errors