Form/Element/Hash.php

Show: PublicProtectedPrivateinherited
Table of Contents
Zend Framework
LICENSE This source file is subject to the new BSD license that is bundled with this package in the file LICENSE.txt. It is also available through the world-wide-web at this URL: http://framework.zend.com/license/new-bsd If you did not receive a copy of the license and are unable to obtain it through the world-wide-web, please send an email to [email protected] so we can send you a copy immediately.
Category
Zend  
Copyright
Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)  
License
New BSD License  
Package
Zend_Form  
Subpackage
Element  

\Zend_Form_Element_Hash

Package: Zend_Form\Element
CSRF form protection
Parent(s)
\Zend_Form_Element_Xhtml < \Zend_Form_Element
Category
Zend  
Copyright
Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)  
License
New BSD License  
Version
$Id$  

Properties

>VPropertyprotectedmixed $_hash
Actual hash used.
Details
Type
mixed
>VPropertyprotectedstring $_salt = 'salt'
Salt for CSRF token
Default value'salt'Details
Type
string
>VPropertyprotected\Zend_Session_Namespace $_session
>VPropertyprotectedint $_timeout = 300
TTL for CSRF token
Default value300Details
Type
int
>VPropertypublicstring $helper = 'formHidden'
Use formHidden view helper by default
Default value'formHidden'Details
Type
string

Methods

methodpublic__construct(string | array | \Zend_Config $spec, array | \Zend_Config $options = null) : void

Constructor

Creates session namespace for CSRF token, and adds validator for CSRF token.
Parameters
NameTypeDescription
$specstring | array | \Zend_Config
$optionsarray | \Zend_Config
methodprotected_generateHash() : void

Generate CSRF token

Generates CSRF token and stores both in {@link $_hash} and element value.
methodpublicgetHash() : string

Retrieve CSRF token

If no CSRF token currently exists, generates one.
Returns
TypeDescription
string
methodpublicgetLabel() : null

Override getLabel() to always be empty

Returns
TypeDescription
null
methodpublicgetSalt() : string

Retrieve salt for CSRF token

Returns
TypeDescription
string
methodpublicgetSession() : \Zend_Session_Namespace

Get session object

Instantiate session object if none currently exists
Returns
TypeDescription
\Zend_Session_Namespace
methodpublicgetSessionName() : string

Get session namespace for CSRF token

Generates a session namespace based on salt, element name, and class.
Returns
TypeDescription
string
methodpublicgetTimeout() : int

Get CSRF session token timeout

Returns
TypeDescription
int
methodpublicinitCsrfToken() : void

Initialize CSRF token in session

methodpublicinitCsrfValidator() : \Zend_Form_Element_Hash

Initialize CSRF validator

Creates Session namespace, and initializes CSRF token in session. Additionally, adds validator for validating CSRF token.
Returns
TypeDescription
\Zend_Form_Element_Hash
methodpublicrender(\Zend_View_Interface $view = null) : string

Render CSRF token in form

Parameters
NameTypeDescription
$view\Zend_View_Interface
Returns
TypeDescription
string
methodpublicsetSalt(string $salt) : \Zend_Form_Element_Hash

Salt for CSRF token

Parameters
NameTypeDescription
$saltstring
Returns
TypeDescription
\Zend_Form_Element_Hash
methodpublicsetSession(\Zend_Session_Namespace $session) : \Zend_Form_Element_Hash

Set session object

Parameters
NameTypeDescription
$session\Zend_Session_Namespace
Returns
TypeDescription
\Zend_Form_Element_Hash
methodpublicsetTimeout(int $ttl) : \Zend_Form_Element_Hash

Set timeout for CSRF session token

Parameters
NameTypeDescription
$ttlint
Returns
TypeDescription
\Zend_Form_Element_Hash
Documentation was generated by phpDocumentor 2.2.0 .