Zend Framework
LICENSE
This source file is subject to the new BSD license that is bundled with this package in the file LICENSE.txt. It is also available through the world-wide-web at this URL: http://framework.zend.com/license/new-bsd If you did not receive a copy of the license and are unable to obtain it through the world-wide-web, please send an email to license@zend.com so we can send you a copy immediately.
CSRF form protection
mixed $_hash = ''
Actual hash used.
string $_salt = 'salt'
Salt for CSRF token
Zend_Session_Namespace $_session = ''
int $_timeout = '300'
TTL for CSRF token
string $helper = 'formHidden'
Use formHidden view helper by default
__construct(
string|array|Zend_Config $spec, array|Zend_Config $options
=
null
)
:
void
Constructor
Creates session namespace for CSRF token, and adds validator for CSRF token.
_generateHash(
)
:
void
Generate CSRF token
Generates CSRF token and stores both in {@link $_hash} and element value.
getHash(
)
:
string
Retrieve CSRF token
If no CSRF token currently exists, generates one.
getLabel(
)
:
null
Override getLabel() to always be empty
getSalt(
)
:
string
Retrieve salt for CSRF token
getSession(
)
:
Zend_Session_Namespace
Get session object
Instantiate session object if none currently exists
getSessionName(
)
:
string
Get session namespace for CSRF token
Generates a session namespace based on salt, element name, and class.
getTimeout(
)
:
int
Get CSRF session token timeout
initCsrfToken(
)
:
void
Initialize CSRF token in session
initCsrfValidator(
)
:
Zend_Form_Element_Hash
Initialize CSRF validator
Creates Session namespace, and initializes CSRF token in session. Additionally, adds validator for validating CSRF token.
render(
Zend_View_Interface $view
=
null
)
:
string
Render CSRF token in form
setSalt(
string $salt
)
:
Zend_Form_Element_Hash
Salt for CSRF token
setSession(
Zend_Session_Namespace $session
)
:
Zend_Form_Element_Hash
Set session object
setTimeout(
int $ttl
)
:
Zend_Form_Element_Hash
Set timeout for CSRF session token