Class SecTokenManager

Description
Description | Methods (details)

Provides and verifies security tokens

Security tokens are one time tokens used to validate a request. Security tokens can be used to prevent client side attacks (espacially CSRF). Also they are able to prevent users from causing trouble by reloading or skipping back in their browser.

Located in /phpsatk-lib/global/org.eenterphace.sat.security.sectoken/sectoken.manager.php (line 38) 


	
			







	
	

		
Method Summary

		

			Description |
												Methods (details)
		

		
			
			

								
				

											string
										getToken
											(string $for)
									

								
				

											void
										verifyToken
											(string $for, string $giventoken)
									

							

		

	
		

	
	
	

		
Methods

		

			Description |
																Methods (details)
						
		

		

			



	
	

		getToken (line 49)
	
 
	
	

Gets a token


The token is valid until the session is invalidated or the token is checked  by the verifyToken() method.

	
    
				
  • access: public
    • 
				
  • static: 
    • 
			

	
	

		string
		
			getToken
		
					(string $for)
			

	
			
    
					
  • 
				string
				$for: A short identifier for what the token is protecting.			
    • 
				

		
		
	




	
	

		verifyToken (line 72)
	
 
	
	

Verifies a token


Checks whether the token has been issued by the server and is valid.  By checking the token will be invalidated.  Throws an exception when an error occures.

	
    
				
  • access: public
    • 
				
  • static: 
    • 
			

	
	

		void
		
			verifyToken
		
					(string $for, string $giventoken)
			

	
			
    
					
  • 
				string
				$for: The same short identifier as passed to getToken()			
    • 
					
  • 
				string
				$giventoken: The token passed by the user.			
    • 
				

		
		
	

						
		

	



	

		Documentation generated on Mon, 21 May 2007 10:35:19 +0200 by phpDocumentor 1.3.0RC5