Form/Element/Hash.php
Zend Framework
LICENSE
This source file is subject to the new BSD license that is bundled
with this package in the file LICENSE.txt.
It is also available through the world-wide-web at this URL:
http://framework.zend.com/license/new-bsd
If you did not receive a copy of the license and are unable to
obtain it through the world-wide-web, please send an email
to [email protected] so we can send you a copy immediately.
- Category
- Zend
- Copyright
- Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)
- License
- New BSD License
- Package
- Zend_Form
- Subpackage
- Element
\Zend_Form_Element_Hash
Package: Zend_Form\Element
CSRF form protection
- Parent(s)
- \Zend_Form_Element_Xhtml < \Zend_Form_Element
- Category
- Zend
- Copyright
- Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)
- License
- New BSD License
- Version
- $Id$
Properties
Methods
__construct(string | array | \Zend_Config $spec, array | \Zend_Config $options = null) : void
Constructor
Creates session namespace for CSRF token, and adds validator for CSRF
token.
ParametersName | Type | Description |
---|---|---|
$spec | string | array | \Zend_Config | |
$options | array | \Zend_Config |
_generateHash() : void
Generate CSRF token
Generates CSRF token and stores both in {@link $_hash} and element
value.
getHash() : string
Retrieve CSRF token
If no CSRF token currently exists, generates one.
ReturnsType | Description |
---|---|
string |
getSession() : \Zend_Session_Namespace
Get session object
Instantiate session object if none currently exists
ReturnsType | Description |
---|---|
\Zend_Session_Namespace |
getSessionName() : string
Get session namespace for CSRF token
Generates a session namespace based on salt, element name, and class.
ReturnsType | Description |
---|---|
string |
initCsrfValidator() : \Zend_Form_Element_Hash
Initialize CSRF validator
Creates Session namespace, and initializes CSRF token in session.
Additionally, adds validator for validating CSRF token.
ReturnsType | Description |
---|---|
\Zend_Form_Element_Hash |
render(\Zend_View_Interface $view = null) : string
Render CSRF token in form
Parameters
Returns
Name | Type | Description |
---|---|---|
$view | \Zend_View_Interface |
Type | Description |
---|---|
string |
setSalt(string $salt) : \Zend_Form_Element_Hash
Salt for CSRF token
Parameters
Returns
Name | Type | Description |
---|---|---|
$salt | string |
Type | Description |
---|---|
\Zend_Form_Element_Hash |
setSession(\Zend_Session_Namespace $session) : \Zend_Form_Element_Hash
Set session object
Parameters
Returns
Name | Type | Description |
---|---|---|
$session | \Zend_Session_Namespace |
Type | Description |
---|---|
\Zend_Form_Element_Hash |
setTimeout(int $ttl) : \Zend_Form_Element_Hash
Set timeout for CSRF session token
Parameters
Returns
Name | Type | Description |
---|---|---|
$ttl | int |
Type | Description |
---|---|
\Zend_Form_Element_Hash |