$data = [
'0' => 'Hello<script>alert("World");</script>',
'1' => 'Hello2<script>alert("World");</script>',
'2' => 'Hello3<script>alert("World");</script>',
];防注入字符,將含有非預期的script字串原樣返回
-
Description
- deepHtmlspecialchars( mixed
$data) : mixed
- deepHtmlspecialchars( mixed
-
Parameters
- $data (mixed) – 含有非預期的目標組合
-
Returns
- mixed - 原樣目標
-
Example.
use \nueip\helpers\SecurityHelper; $show = SecurityHelper::deepHtmlspecialchars($data); var_export($show);
-
Result
array ( 0 => 'Hello<script>alert("World");</script>', 1 => 'Hello2<script>alert("World");</script>', 2 => 'Hello3<script>alert("World");</script>', )
識別請求是否是HTTPS
- Description
- isHttps() : boolean
- Returns
- boolean - 是否是HTTPS
設$totpSpace 為 class TwoFactorAuth()
- Description
- setTotpSpace( string
$space) : TwoFactorAuth
- setTotpSpace( string
- Parameters
- $space (string) – 顯示的名稱
- Returns
- TwoFactorAuth - 目標物件
確認$totpSpace 是否為class TwoFactorAuth(),若不是則宣告成class TwoFactorAuth()
- Description
- getTotpSpace() : TwoFactorAuth
- Returns
- TwoFactorAuth - 目標物件
產生二次驗證的密碼
- Description
- getTotpSecret( [ integer
$bits] ) : TwoFactorAuth
- getTotpSecret( [ integer
- Parameters
- $bits (integer) – 預設是 160 密碼的大小
- Returns
- TwoFactorAuth - 目標物件
-
Description
- getTotpQrCode( string
$label, string$secret) : string
- getTotpQrCode( string
-
Parameters
- $label (string) – 目標要編碼的URL
- $secret (string) – Qrcode圖形密碼
-
Returns
- string - 目標Qrcode
-
Example 產生Qrcode圖形密碼
use \nueip\helpers\SecurityHelper; $secret = SecurityHelper::getTotpSecret(); $url = 'weiya-service.dev.nueip.com/test'; $show = SecurityHelper::getTotpQrCode($url, $secret); echo "<img src='".$show."'/><hr/>";
-
Result
比較儲存的密碼與回傳得到的密碼是否一致
- Description
- verifyTotp( string
$secret, string$code) : bool
- verifyTotp( string
- Parameters
- $secret (string) – 儲存密碼
- $code (string) – 回傳密碼
- Returns
- bool - 密碼是否一致