CKFinder_Connector_CommandHandler_CommandHandlerBase::checkCsrfToken PHP Метод

Документация по классу CKFinder_Connector_CommandHandler_CommandHandlerBase Показать файл Открыть проект

checkCsrfToken() защищенный Метод

Checks if the request contains a valid token that matches the value sent in the cookie.

См. также: https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet#Double_Submit_Cookies

protected checkCsrfToken ( string $tokenParamName = 'ckCsrfToken', string $tokenCookieName = 'ckCsrfToken', integer $minTokenLength = 32 ) : boolean
$tokenParamName	string
$tokenCookieName	string
$minTokenLength	integer
Результат	boolean	true if token is valid, false otherwise

    protected function checkCsrfToken($tokenParamName = 'ckCsrfToken', $tokenCookieName = 'ckCsrfToken', $minTokenLength = 32)
    {
        $paramToken = isset($_POST[$tokenParamName]) ? trim((string) $_POST[$tokenParamName]) : '';
        $cookieToken = isset($_COOKIE[$tokenCookieName]) ? trim((string) $_COOKIE[$tokenCookieName]) : '';
        if (strlen($paramToken) >= $minTokenLength && strlen($cookieToken) >= $minTokenLength) {
            return $paramToken === $cookieToken;
        }
        return false;
    }

CKFinder_Connector_CommandHandler_CommandHandlerBase

__construct

checkConnector

checkCsrfToken

checkRequest

getFolderHandler