Docs For Class Controller_ForgeryProtection

Controller_ForgeryProtection

Description

Utilities for protection against cross site request forgeries.

This class is used by Controller_Base to implement the protect_from_forgery filter and the form_authenticity_token method.

Located in /controller/lib/Controller/ForgeryProtection.php (line 13)

Class Constant Summary

KEY = 'CSRFToken'

PARAMETER = 'request_token'

Method Summary

static string authenticity_token ()

static boolean is_request_verified ()

static string random_bytes (int $size)

Methods

static authenticity_token (line 22)

Return the current session's request token

access: public

string authenticity_token ()

static is_request_verified (line 34)

Test the current request for authenticity. Returns true if the request has been verified as authentic or does not require verification (i.e. GET requests).

access: public

boolean is_request_verified ()

static random_bytes (line 45)

Return a string of random bytes

access: public

string random_bytes (int $size)

int $size: The number of random bytes

Class Constants

KEY = 'CSRFToken' (line 15)

PARAMETER = 'request_token' (line 16)

Documentation generated on Wed, 25 Apr 2012 09:46:42 -0700 by phpDocumentor 1.4.3