Gitee
\
CodeIgniter
API
Autoloader
Cache
Exceptions
Handlers
CLI
Exceptions
Commands
Database
Server
Sessions
Utilities
Config
Database
Exceptions
MySQLi
Postgre
SQLite3
Debug
Toolbar
Collectors
Email
Encryption
Exceptions
Handlers
Events
Exceptions
Files
Exceptions
Filters
Exceptions
Format
Exceptions
Honeypot
Exceptions
HTTP
Exceptions
Files
I18n
Exceptions
Images
Exceptions
Handlers
Log
Exceptions
Handlers
Pager
Exceptions
Router
Exceptions
Security
Exceptions
Session
Exceptions
Handlers
Test
Filters
Throttle
Typography
Validation
Exceptions
View
Exceptions
Config
My
Field
Book
Phpcmf
Admin
Controllers
Admin
Api
Member
Extend
Field
Home
Library
Member
Model
Bbs
Bdtj
Bdts
Block
Book
Cqx
Fstatus
Hy
Mbdyf
Myapp
Navigator
Order
Page
Sitemap
Sites
Store
Tag
Tixian
Variable
Xcx
Yuedusf
Zone
ThirdParty
Storage
Psr
Log
Xcx
Zend
Escaper
Exception

\Phpcmf\ExtendSecurity

HTTP security handler.

Summary

Methods
Properties
Constants
__construct()
CSRFVerify()
CSRFSetCookie()
getCSRFHash()
getCSRFTokenName()
sanitizeFilename()
$filenameBadChars
No constants found
CSRFSetHash()
$CSRFHash
$CSRFExpire
$CSRFTokenName
$CSRFHeaderName
$CSRFCookieName
$CSRFRegenerate
$cookiePath
$cookieDomain
$cookieSecure
N/A
No private methods found
No private properties found
N/A

Properties

$filenameBadChars

$filenameBadChars : array

List of sanitize filename strings

Type

array

$CSRFHash

$CSRFHash : string

CSRF Hash

Random hash for Cross Site Request Forgery protection cookie

Type

string

$CSRFExpire

$CSRFExpire : integer

CSRF Expire time

Expiration time for Cross Site Request Forgery protection cookie. Defaults to two hours (in seconds).

Type

integer

$CSRFTokenName

$CSRFTokenName : string

CSRF Token name

Token name for Cross Site Request Forgery protection cookie.

Type

string

$CSRFHeaderName

$CSRFHeaderName : string

CSRF Header name

Token name for Cross Site Request Forgery protection cookie.

Type

string

$CSRFCookieName

$CSRFCookieName : string

CSRF Cookie name

Cookie name for Cross Site Request Forgery protection cookie.

Type

string

$CSRFRegenerate

$CSRFRegenerate : boolean

CSRF Regenerate

If true, the CSRF Token will be regenerated on every request. If false, will stay the same for the life of the cookie.

Type

boolean

$cookiePath

$cookiePath : string

Typically will be a forward slash

Type

string

$cookieDomain

$cookieDomain : string

Set to .your-domain.com for site-wide cookies

Type

string

$cookieSecure

$cookieSecure : boolean

Cookie will only be set if a secure HTTPS connection exists.

Type

boolean

Methods

__construct()

__construct(\Config\App  $config)

Security constructor.

Stores our configuration and fires off the init() method to setup initial state.

Parameters

\Config\App $config

Throws

\Exception

CSRFVerify()

CSRFVerify(\CodeIgniter\HTTP\RequestInterface  $request) : $this|false

CSRF Verify

Parameters

\CodeIgniter\HTTP\RequestInterface $request

Throws

\Exception

Returns

$this|false

getCSRFHash()

getCSRFHash() : string

Returns the current CSRF Hash.

Returns

string

getCSRFTokenName()

getCSRFTokenName() : string

Returns the CSRF Token Name.

Returns

string

sanitizeFilename()

sanitizeFilename(string  $str, boolean  $relative_path = false) : string

Sanitize Filename

Tries to sanitize filenames in order to prevent directory traversal attempts and other security threats, which is particularly useful for files that were supplied via user input.

If it is acceptable for the user input to include relative paths, e.g. file/in/some/approved/folder.txt, you can set the second optional parameter, $relative_path to TRUE.

Parameters

string $str

Input file name
boolean $relative_path

Whether to preserve paths

Returns

string

CSRFSetHash()

CSRFSetHash() : string

Sets the CSRF Hash and cookie.

Throws

\Exception

Returns

string