\APISecurity

Class APISecurity

Summary

Methods (public): check(), createToken(), validateToken(), clearTokens(), filterToken(), garbageCollection(), checkReferer(), checkSuperglobals(), checkBadips(), getTokenHTML(), setErrors(), getErrors()
Properties (public): $errors
Constants: No constants found
Protected: No protected methods found; no protected properties found
Private: No private methods found; no private properties found

Properties

$errors

$errors : 

Type

Methods

check()

check(clearIfValid = true, string|bool token = false, name = API_TOKEN) :

Check whether there is a valid token in $_REQUEST[$name . '_REQUEST']. Can be expanded for wider use later (Mith).

Parameters

clearIfValid

whether to clear the token after validation

string|bool token

token to validate

name

name of session variable

Returns

createToken()

createToken(int|string timeout, name = API_TOKEN) :

Create a token in the user's session

Parameters

int|string timeout

time in seconds the token should be valid

name

name of session variable

Returns

token value

validateToken()

validateToken(string|bool token = false, clearIfValid = true, name = API_TOKEN) :

Check if a token is valid. If no token is specified, $_REQUEST[$name . '_REQUEST'] is checked.

Parameters

string|bool token

token to validate

clearIfValid

whether to clear the token value if valid

name

session name to validate

Returns

clearTokens()

clearTokens(name = API_TOKEN) :

Clear all token values from user's session

Parameters

name

session name

Returns

filterToken()

filterToken(token) :

Check whether a token value is expired or not

Parameters

token

token

Returns

garbageCollection()

garbageCollection(name = API_TOKEN) :

Perform garbage collection, clearing expired tokens

Parameters

name

session name

Returns

checkReferer()

checkReferer(docheck = 1) :

Check the user agent's HTTP REFERER against API_URL

Parameters

docheck

0 to not check the referer (used with XML-RPC), 1 to actively check it

Returns

checkSuperglobals()

checkSuperglobals() : 

Check superglobals for contamination

Returns

checkBadips()

checkBadips() : 

Check if the visitor's IP address is banned. Should be changed to return bool and leave the action up to the calling script.

Returns

getTokenHTML()

getTokenHTML(name = API_TOKEN) :

Get the HTML code for an APIFormHiddenToken object. Used in forms that do not use APIForm elements.

Parameters

name

session token name

Returns

setErrors()

setErrors(error) :

Add an error

Parameters

error

message

Returns

getErrors()

getErrors(ashtml = false) : array|string

Get generated errors

Parameters

ashtml

Format using HTML?

Returns

array|string — Array of array messages OR HTML string