Public Member Functions | Public Attributes | Protected Member Functions

BeSecurityComponent Class Reference

BeSecurityComponent class. More...

List of all members.

Public Member Functions

 initialize ($controller, $settings=array())
 initialize component
 startup ($controller)
 startup component

Public Attributes

 $components = array('Session', 'RequestHandler')
 $controller = null
 $validatePost = true
 $disableActions = array()

Protected Member Functions

 generateToken ()
 generate token and put it in session
 validateCsrf ()
 Validate that the controller has a CSRF token in the POST data and that the token is legit/not expired.

Detailed Description

BeSecurityComponent class.

Handle token to avoid CSFR attack

Definition at line 29 of file be_security.php.


Member Function Documentation

BeSecurityComponent::generateToken (  )  [protected]

generate token and put it in session

Returns:
void

Definition at line 96 of file be_security.php.

Referenced by startup().

BeSecurityComponent::initialize ( controller,
settings = array() 
)

initialize component

Parameters:
Controller $controller
array $settings
Returns:
void

Definition at line 65 of file be_security.php.

BeSecurityComponent::startup ( controller  ) 

startup component

Parameters:
Controller $controller
Returns:
void

Definition at line 76 of file be_security.php.

References generateToken(), and validateCsrf().

BeSecurityComponent::validateCsrf (  )  [protected]

Validate that the controller has a CSRF token in the POST data and that the token is legit/not expired.

Returns:
bool Valid csrf token.

Definition at line 137 of file be_security.php.

Referenced by startup().


The documentation for this class was generated from the following file:
Generated on Fri Dec 11 2015 15:29:46 by Doxygen 1.7.1  BEditaBEdita 3.7 Corylus