category Zend
package Zend_Session
subpackage Validator

 Methods

Constructor get the current user IP and store it in the session as 'valid data'

__construct($data) 

Parameters

$data

Retrieve token for validating call

getData() : string

Returns

string

Return validator name

getName() : string

Returns

string

Checks proxy handling setting.

getUseProxy() : bool

Returns

boolCurrent setting value.

isValid() - this method will determine if the current user IP matches the IP we stored when we initialized this variable.

isValid() : bool

Returns

bool

Set the header to introspect for proxy IPs

setProxyHeader(string $header) : void

Parameters

$header

string

Set list of trusted proxy addresses

setTrustedProxies(array $trustedProxies) : void

Parameters

$trustedProxies

array

Changes proxy handling setting.

setUseProxy(bool $useProxy) : void

This must be static method, since validators are recovered automatically at session read, so this is the only way to switch setting.

Parameters

$useProxy

bool

Whether to check also proxied IP addresses.

Returns client IP address.

getIpAddress() : string

Returns

stringIP address.

 Properties

 

Internal data.

$data : string

 

HTTP header to introspect for proxies

$proxyHeader : string

 

List of trusted proxy IP addresses

$trustedProxies : array

 

Whether to use proxy addresses or not.

$useProxy : bool

As default this setting is disabled - IP address is mostly needed to increase security. HTTP_* are not reliable since can easily be spoofed. It can be enabled just for more flexibility, but if user uses proxy to connect to trusted services it's his/her own risk, only reliable field for IP address is $_SERVER['REMOTE_ADDR'].