Fuel Documentation

Security Class

The security class allows you to have CSRF protection in your application.

check_token($value = null)

The check_token method allows you to check the CSRF token.

Static Yes
Parameters
Param Default Description
$value
null
CSRF token to be checked, checks value from POST when empty.
Returns boolean
Example
Security::check_token();

fetch_token()

The fetch_token method allows you to fetch the CSRF token from the cookie.

Static Yes
Parameters None
Returns string
Example
$csrf_token = Security::fetch_token();

js_fetch_token()

The js_fetch_token method allows you to produce JavaScript fuel_csrf_token() function that will return the current CSRF token when called. Use to fill right field on form submit for AJAX operations.

Static Yes
Parameters None
Returns string
Example
echo Security::js_fetch_token();

regenerate_token()

The regenerate_token method allows you to generate a new token if the old one expired or was checked.

Static Yes
Parameters None
Returns void
Example
Security::regenerate_token();

strip_tags($value)

The strip_tags method allows you to strip HTML and PHP tags from a string.

Static Yes
Parameters
Param Default Description
$value Required The input string.
Returns string
Example
$text = '<p>Test paragraph.</p>';
$text = Security::strip_tags($text);

clean($value, $filters)

The clean method allows you clean data using the filters provided.

Static Yes
Parameters
Param Default Description
$value Required The value to be cleaned. This can be a string value, or an array of string values.
$filters Required The filters to be used to clean the string(s). A filter can be a single value, or an array of values. Each value must be a valid PHP callback. You may specify functions ('htmlentities'), objects ($this), or static methods ('Classname::method').
Returns string
Example
// first strip tags, convert html entities in the remaining data, and finish it off using our special cleaning solution
$filters = array('strip_tags', 'html_entities', '\\cleaners\\soap::clean');
$text = Security::clean($text, $filters);