Protects against form tampering. It ensures that:
string
'Form tampering protection token validation failed.'
Default message used for exceptions thrown.
array<string, array>
A component lookup table used to lazy load component objects.
array<string, mixed>
Runtime config
bool
Whether the config property has already been configured with defaults
array<string, mixed>
Default config
Cake\Controller\ComponentRegistry
Component registry class used to lazy load components.
array
Other Components this component uses.
Constructor
Returns an array that can be used to describe the internal state of this object.
Magic method for lazy loading $components.
Deletes a single config key.
Reads a config key.
Writes a config key.
Merge provided config with existing config. Unlike config()
which does a recursive merge for nested keys, this method does a simple merge.
Execute callback.
Returns the config.
Returns the config for this specific key.
Get the controller this component is bound to.
Events supported by this component.
Constructor hook method.
Convenience method to write a message to Log. See Log::write() for more information on writing to logs.
Sets the config.
Component startup.
Throws a 400 - Bad request exception or calls custom callback.
__construct(Cake\Controller\ComponentRegistry $registry, array<string, mixed> $config = [])
Constructor
Cake\Controller\ComponentRegistry
$registry A component registry this component can use to lazy load its components.
array<string, mixed>
$config optional Array of configuration settings.
__debugInfo(): array<string, mixed>
Returns an array that can be used to describe the internal state of this object.
array<string, mixed>
__get(string $name): Cake\Controller\Component|null
Magic method for lazy loading $components.
string
$name Name of component to get.
Cake\Controller\Component|null
_configDelete(string $key): void
Deletes a single config key.
string
$key Key to delete.
void
Cake\Core\Exception\CakeException
_configRead(string|null $key): mixed
Reads a config key.
string|null
$key Key to read.
mixed
_configWrite(array<string, mixed>|string $key, mixed $value, string|bool $merge = false): void
Writes a config key.
array<string, mixed>|string
$key Key to write to.
mixed
$value Value to write.
string|bool
$merge optional True to merge recursively, 'shallow' for simple merge, false to overwrite, defaults to false.
void
Cake\Core\Exception\CakeException
configShallow(array<string, mixed>|string $key, mixed|null $value = null): $this
Merge provided config with existing config. Unlike config()
which does a recursive merge for nested keys, this method does a simple merge.
Setting a specific value:
$this->configShallow('key', $value);
Setting a nested value:
$this->configShallow('some.nested.key', $value);
Updating multiple config settings at the same time:
$this->configShallow(['one' => 'value', 'another' => 'value']);
array<string, mixed>|string
$key The key to set, or a complete array of configs.
mixed|null
$value optional The value to set.
$this
executeCallback(Closure $callback, Cake\Http\Exception\BadRequestException $exception): Cake\Http\Response|null
Execute callback.
Closure
$callback A valid callable
Cake\Http\Exception\BadRequestException
$exception Exception instance.
Cake\Http\Response|null
getConfig(string|null $key = null, mixed $default = null): mixed
Returns the config.
Reading the whole config:
$this->getConfig();
Reading a specific value:
$this->getConfig('key');
Reading a nested value:
$this->getConfig('some.nested.key');
Reading with default value:
$this->getConfig('some-key', 'default-value');
string|null
$key optional The key to get or null for the whole config.
mixed
$default optional The return value when the key does not exist.
mixed
getConfigOrFail(string $key): mixed
Returns the config for this specific key.
The config value for this key must exist, it can never be null.
string
$key The key to get.
mixed
InvalidArgumentException
getController(): Cake\Controller\Controller
Get the controller this component is bound to.
Cake\Controller\Controller
implementedEvents(): array<string, mixed>
Events supported by this component.
Uses Conventions to map controller events to standard component callback method names. By defining one of the callback methods a component is assumed to be interested in the related event.
Override this method if you need to add non-conventional event listeners. Or if you want components to listen to non-standard events.
array<string, mixed>
initialize(array<string, mixed> $config): void
Constructor hook method.
Implement this method to avoid having to overwrite the constructor and call parent.
array<string, mixed>
$config The configuration settings provided to this component.
void
log(string $message, string|int $level = LogLevel::ERROR, array|string $context = []): bool
Convenience method to write a message to Log. See Log::write() for more information on writing to logs.
string
$message Log message.
string|int
$level optional Error level.
array|string
$context optional Additional log data relevant to this message.
bool
setConfig(array<string, mixed>|string $key, mixed|null $value = null, bool $merge = true): $this
Sets the config.
Setting a specific value:
$this->setConfig('key', $value);
Setting a nested value:
$this->setConfig('some.nested.key', $value);
Updating multiple config settings at the same time:
$this->setConfig(['one' => 'value', 'another' => 'value']);
array<string, mixed>|string
$key The key to set, or a complete array of configs.
mixed|null
$value optional The value to set.
bool
$merge optional Whether to recursively merge or overwrite existing config, defaults to true.
$this
Cake\Core\Exception\CakeException
startup(Cake\Event\EventInterface $event): Cake\Http\Response|null
Component startup.
Token check happens here.
Cake\Event\EventInterface
$event An Event instance
Cake\Http\Response|null
validationFailure(Cake\Form\FormProtector $formProtector): Cake\Http\Response|null
Throws a 400 - Bad request exception or calls custom callback.
If validationFailureCallback
config is specified, it will use this callback by executing the method passing the argument as exception.
Cake\Form\FormProtector
$formProtector Form Protector instance.
Cake\Http\Response|null
Cake\Http\Exception\BadRequestException
A component lookup table used to lazy load component objects.
array<string, array>
Runtime config
array<string, mixed>
Whether the config property has already been configured with defaults
bool
Default config
validate
- Whether to validate request body / data. Set to false to disable for data coming from 3rd party services, etc.unlockedFields
- Form fields to exclude from validation. Fields can be unlocked either in the Component, or with FormHelper::unlockField(). Fields that have been unlocked are not required to be part of the POST and hidden unlocked fields do not have their values checked.unlockedActions
- Actions to exclude from POST validation checks.validationFailureCallback
- Callback to call in case of validation failure. Must be a valid Closure. Unset by default in which case exception is thrown on validation failure.array<string, mixed>
Component registry class used to lazy load components.
Cake\Controller\ComponentRegistry
Other Components this component uses.
array
© 2005–present The Cake Software Foundation, Inc.
Licensed under the MIT License.
CakePHP is a registered trademark of Cake Software Foundation, Inc.
We are not endorsed by or affiliated with CakePHP.
https://api.cakephp.org/4.4/class-Cake.Controller.Component.FormProtectionComponent.html