class Csrf (View source)

Provide CSRF protection utilities through WordPress nonces.

Methods

__construct(string $key = '__wpemergeCsrfToken', integer $maximum_lifetime = 2)

Constructor.

string
getToken()

Get the last generated token.

string
getTokenFromRequest(Request $request)

Get the csrf token from a request.

string
generateToken(int|string $action = -1)

Generate a new token.

boolean
isValidToken(string $token, int|string $action = -1)

Check if a token is valid.

string
url(string $url)

Add the token to a URL.

void
field()

Return the markup for a hidden input which holds the current token.

Details

__construct(string $key = '__wpemergeCsrfToken', integer $maximum_lifetime = 2)

Constructor.

Parameters

string $key
integer $maximum_lifetime

string getToken()

Get the last generated token.

Return Value

string

string getTokenFromRequest(Request $request)

Get the csrf token from a request.

Parameters

Request $request

Return Value

string

string generateToken(int|string $action = -1)

Generate a new token.

Parameters

int|string $action

Return Value

string

boolean isValidToken(string $token, int|string $action = -1)

Check if a token is valid.

Parameters

string $token
int|string $action

Return Value

boolean

string url(string $url)

Add the token to a URL.

Parameters

string $url

Return Value

string

void field()

Return the markup for a hidden input which holds the current token.

Return Value

void