forked from avdg/ppi-framework-old
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Security.php
47 lines (42 loc) · 1.01 KB
/
Security.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
<?php
/**
* @author Paul Dragoonis <dragoonis@php.net>
* @license http://opensource.org/licenses/mit-license.php MIT
* @copyright Digiflex Development
* @package Core
* @link www.ppiframework.com
*
*/
class PPI_Security {
/**
* Create a new CSRF key and set it in the session
* @return string The Token
*/
public static function createCSRF() {
$token = md5(uniqid(mt_rand(), true));
self::setCSRF($token);
return $token;
}
/**
* Validate CSRF key with one in the session
* @param string $token
* @return boolean
*/
public static function checkCSRF($token) {
return $token !== null ? self::getCSRF() === $token : false;
}
/**
* Set the CSRF in the session
* @param string $token
*/
public static function setCSRF($token) {
PPI_Helper::getSession()->set('PPI_Security::csrfToken', $token);
}
/**
* Get the CSRF token from the session
* @return string
*/
public static function getCSRF() {
return PPI_Helper::getSession()->get('PPI_Security::csrfToken');
}
}