MediaWiki REL1_33
|
Value object representing a CSRF token. More...
Public Member Functions | |
__construct ( $secret, $salt, $new=false) | |
__toString () | |
match ( $userToken, $maxAge=null) | |
Test if the token-string matches this token. | |
toString () | |
Get the string representation of the token. | |
wasNew () | |
Indicate whether this token was just created. | |
Static Public Member Functions | |
static | getTimestamp ( $token) |
Decode the timestamp from a token string. | |
Public Attributes | |
const | SUFFIX = '+\\' |
CSRF token suffix. | |
Protected Member Functions | |
toStringAtTimestamp ( $timestamp) | |
Get the string representation of the token at a timestamp. | |
Private Attributes | |
bool | $new = false |
string | $salt = '' |
string | $secret = '' |
MediaWiki\Session\Token::__construct | ( | $secret, | |
$salt, | |||
$new = false ) |
string | $secret | Token secret |
string | $salt | Token salt |
bool | $new | Whether the secret was newly-created |
Definition at line 51 of file Token.php.
References MediaWiki\Session\Token\$new, MediaWiki\Session\Token\$salt, and MediaWiki\Session\Token\$secret.
MediaWiki\Session\Token::__toString | ( | ) |
Definition at line 98 of file Token.php.
References MediaWiki\Session\Token\toString().
|
static |
Decode the timestamp from a token string.
Does not validate the token beyond the syntactic checks necessary to be able to extract the timestamp.
string | $token |
Definition at line 66 of file Token.php.
References and().
Referenced by MediaWiki\Session\Token\match(), and MediaWiki\Session\TokenTest\testGetTimestamp().
MediaWiki\Session\Token::match | ( | $userToken, | |
$maxAge = null ) |
Test if the token-string matches this token.
string | $userToken | |
int | null | $maxAge | Return false if $userToken is older than this many seconds |
Reimplemented in LoggedOutEditToken.
Definition at line 108 of file Token.php.
References and(), MediaWiki\Session\Token\getTimestamp(), MediaWiki\Session\Token\toStringAtTimestamp(), and wfTimestamp().
MediaWiki\Session\Token::toString | ( | ) |
Get the string representation of the token.
Definition at line 94 of file Token.php.
References MediaWiki\Session\Token\toStringAtTimestamp(), and wfTimestamp().
Referenced by MediaWiki\Session\Token\__toString().
|
protected |
Get the string representation of the token at a timestamp.
int | $timestamp |
Reimplemented in LoggedOutEditToken.
Definition at line 84 of file Token.php.
References and(), and MediaWiki\Session\Token\SUFFIX.
Referenced by MediaWiki\Session\Token\match(), and MediaWiki\Session\Token\toString().
MediaWiki\Session\Token::wasNew | ( | ) |
Indicate whether this token was just created.
Definition at line 126 of file Token.php.
References MediaWiki\Session\Token\$new.
|
private |
Definition at line 44 of file Token.php.
Referenced by MediaWiki\Session\Token\__construct(), and MediaWiki\Session\Token\wasNew().
|
private |
Definition at line 41 of file Token.php.
Referenced by MediaWiki\Session\Token\__construct().
|
private |
Definition at line 38 of file Token.php.
Referenced by MediaWiki\Session\Token\__construct().
const MediaWiki\Session\Token::SUFFIX = '+\\' |
CSRF token suffix.
Plus and terminal backslash are included to stop editing from certain broken proxies.
Definition at line 35 of file Token.php.
Referenced by LoggedOutEditToken\match(), MediaWiki\Session\Token\toStringAtTimestamp(), and LoggedOutEditToken\toStringAtTimestamp().