class Csrf (View source)

Provide CSRF protection utilities through WordPress nonces.

Methods

__construct(string $key = '__wpemergeCsrfToken', integer $maximum_lifetime = 2)

Constructor.

string
getToken(int|string $action = -1)

Get the last generated token.

string
getTokenFromRequest(RequestInterface $request)

Get the csrf token from a request.

string
generateToken(int|string $action = -1)

Generate a new token.

boolean
isValidToken(string $token, int|string $action = -1)

Check if a token is valid.

string
url(string $url, int|string $action = -1)

Add the token to a URL.

void
field(int|string $action = -1)

Return the markup for a hidden input which holds the current token.

Details

__construct(string $key = '__wpemergeCsrfToken', integer $maximum_lifetime = 2)

Constructor.

Parameters

string $key
integer $maximum_lifetime

string getToken(int|string $action = -1)

Get the last generated token.

Parameters

int|string $action

Return Value

string

string getTokenFromRequest(RequestInterface $request)

Get the csrf token from a request.

Parameters

RequestInterface $request

Return Value

string

string generateToken(int|string $action = -1)

Generate a new token.

Parameters

int|string $action

Return Value

string

boolean isValidToken(string $token, int|string $action = -1)

Check if a token is valid.

Parameters

string $token
int|string $action

Return Value

boolean

string url(string $url, int|string $action = -1)

Add the token to a URL.

Parameters

string $url
int|string $action

Return Value

string

void field(int|string $action = -1)

Return the markup for a hidden input which holds the current token.

Parameters

int|string $action

Return Value

void