Class BeSecurityComponent

BeSecurityComponent class

Handle token to avoid CSFR attack

Object

Extended by

BeSecurityComponent

Located at controllers/components/be_security.php

Methods summary

`public`	# `initialize( Controller $controller, array $settings = array() )` initialize component initialize component Parameters `$controller` `$settings`
`public`	# `startup( Controller $controller )` startup component startup component Parameters `$controller`
`protected`	# `generateToken( )` generate token and put it in session generate token and put it in session
`protected boolean`	# `validateCsrf( )` Validate that the controller has a CSRF token in the POST data and that the token is legit/not expired Validate that the controller has a CSRF token in the POST data and that the token is legit/not expired Returns boolean Valid csrf token.

Properties summary

`public array`	`$components` list of components used list of components used	# `array('Session', 'RequestHandler')`
`public Controller`	`$controller` the controller that use this component the controller that use this component	# `null`
`public boolean`	`$validatePost` Whether to validate POST data. Set to false to disable for data coming from 3rd party services, etc. Whether to validate POST data. Set to false to disable for data coming from 3rd party services, etc.	# `true`
`public array`	`$disableActions` Controller actions on which csrf validation is disabled Controller actions on which csrf validation is disabled	# `array()`