AloFramework documentation
  • Namespace
  • Class
  • Tree
  • Deprecated
  • Todo

Namespaces

  • Alo
    • Cache
    • CLI
    • Controller
    • Db
    • Exception
    • FileSystem
    • Session
    • Statics
    • Validators
    • Windows
  • Controller
  • None
  • PHP

Classes

  • Cookie
  • Format
  • Security

Class Security

Handles hashing, tokens, randomising and other security operations

Abstract
Namespace:Alo\Statics
Author:Art <a.molcanovas@gmail.com>
Located atsys/class/alo/statics/security.php

Methods summary

public static string|array
#unXss(string|array$item)

Escapes a string or array (recursively) from XSS attacks

Escapes a string or array (recursively) from XSS attacks

Parameters

$item
string|array
$item The item to be escaped

Returns

string|array

Author

Art <a.molcanovas@gmail.com>
public static string
#tokenGet(string$tokenName,string$hash='md5')

Generates a token and sets it in session

Generates a token and sets it in session

Parameters

$tokenName
string
$tokenName The token name
$hash
string
$hash Which hash algorithm to use

Returns

string
The generated token

Author

Art <a.molcanovas@gmail.com>
public static string
#getUniqid(string$hash='md5',string|integer$prefix=null,integer$entropy=50)

Generates a unique identifier

Generates a unique identifier

Parameters

$hash
string
$hash Hash algorithm
$prefix
string|integer
$prefix Prefix for the identifier
$entropy
integer
$entropy Number of pseudo bytes used in entropy

Returns

string

Author

Art <a.molcanovas@gmail.com>
public static string
#asciiRand(integer$length,integer$subset=Alo\Statics\Security::ASCII_ALL)

Generates a string of random ASCII characters

Generates a string of random ASCII characters

Parameters

$length
integer
$length The length of the string
$subset
integer
$subset Which subset to use - see class' ASCII_* constants

Returns

string

Author

Art <a.molcanovas@gmail.com>
public static boolean
#tokenValid(string$tokenName,array$dataArray=null)

Checks if a token is valid

Checks if a token is valid

Parameters

$tokenName
string
$tokenName The token name
$dataArray
array
$dataArray Which data array to check. Defaults to $_POST

Returns

boolean
TRUE if the token is valid, false if not

Author

Art <a.molcanovas@gmail.com>
public static boolean
#tokenRemove(string$tokenName)

Removes a token from session data

Removes a token from session data

Parameters

$tokenName
string
$tokenName The token's name

Returns

boolean
TRUE if the session handler was loaded, false if not

Author

Art <a.molcanovas@gmail.com>
public static string
#getFingerprint( )

Returns an unhashed browser/IP fingerprint

Returns an unhashed browser/IP fingerprint

Returns

string

Author

Art <a.molcanovas@gmail.com>

Magic methods summary

Constants summary

integerASCII_ALL0
#

Defines the ascii charset subset as "the entire set"

Defines the ascii charset subset as "the entire set"

integerASCII_ALPHANUM1
#

Defines the ascii charset subset as "only alphanumeric"

Defines the ascii charset subset as "only alphanumeric"

integerASCII_NONALPHANUM2
#

Defines the ascii charset subset as "only non-alphanumeric"

Defines the ascii charset subset as "only non-alphanumeric"

Properties summary

protected static array$asciiAlphanum
#

Array of ASCII alphanumeric characters

Array of ASCII alphanumeric characters

protected static array$asciiRest
#

The rest of the ASCII charset

The rest of the ASCII charset

AloFramework documentation API documentation generated byApiGen 2.8.0