yii\web\Request::validateCsrfTokenInternal PHP Method

Request Class Documentation Show file Open project: yiisoft/yii2

validateCsrfTokenInternal() private method

Validates CSRF token
private validateCsrfTokenInternal ( string $token, string $trueToken ) : boolean
$token string
$trueToken string
return boolean 
    private function validateCsrfTokenInternal($token, $trueToken)
    {
        if (!is_string($token)) {
            return false;
        }
        $token = base64_decode(str_replace('.', '+', $token));
        $n = StringHelper::byteLength($token);
        if ($n <= static::CSRF_MASK_LENGTH) {
            return false;
        }
        $mask = StringHelper::byteSubstr($token, 0, static::CSRF_MASK_LENGTH);
        $token = StringHelper::byteSubstr($token, static::CSRF_MASK_LENGTH, $n - static::CSRF_MASK_LENGTH);
        $token = $this->xorTokens($mask, $token);
        return $token === $trueToken;
    }
Request
createCsrfCookie
generateCsrfToken
get
getAbsoluteUrl
getAcceptableContentTypes
getAcceptableLanguages
getAuthPassword
getAuthUser
getBaseUrl
getBodyParam
getBodyParams
getContentType
getCookies
getCsrfToken
getCsrfTokenFromHeader
getETags
getHeaders
getHostInfo
getHostName
getIsAjax
getIsDelete
getIsFlash
getIsGet
getIsHead
getIsOptions
getIsPatch
getIsPjax
getIsPost
getIsPut
getIsSecureConnection
getMethod
getPathInfo
getPort
getPreferredLanguage
getQueryParam
getQueryParams
getQueryString
getRawBody
getReferrer
getScriptFile
getScriptUrl
getSecurePort
getServerName
getServerPort
getUrl
getUserAgent
getUserHost
getUserIP
loadCookies
loadCsrfToken
parseAcceptHeader
post
resolve
resolvePathInfo
resolveRequestUri
setAcceptableContentTypes
setAcceptableLanguages
setBaseUrl
setBodyParams
setHostInfo
setPathInfo
setPort
setQueryParams
setRawBody
setScriptFile
setScriptUrl
setSecurePort
setUrl
validateCsrfToken
validateCsrfTokenInternal
xorTokens