hi i'm currently making a class that will generate a unique token every 5 minutes, im using this in my form so i could make my form dynamic and avoid some xss, i know it's simple but im just starting out, i'd just like to ask a few questions since this class isn't working the way it's supposed to be,
heres the code :
<?php
class Token
{
private $token_state;
private $token_value;
//private $token_age;
function Token()
{
$this->setTokenState(true);
//$this->setTokenValue();
}
//setters
private function setTokenState($token_state)
{
$this->token_state = $token_state;
}
private function setTokenValue()
{
$this->token_value = md5(uniqid(rand(), TRUE));
}
//getters
function getTokenState()
{
return $this->token_state;
}
function getTokenValue()
{
return $this->token_value;
}
//methods
private function initializeSession()
{
$this->setTokenValue();
$_SESSION['token'] = $this->getTokenValue();
$_SESSION['token_time'] = time();
}
private function validateToken()
{
if (!isset($_SESSION['token'])) {
$this->setTokenState(false);
}else {
$token_age = time() - $_SESSION['token_time'];
if ($token_age >= 300) { //if token age is 5 minutes older create a new one
//$this->setTokenState(false);
$this->setTokenState(false);
}
}
}
function generateToken()
{
$this->validateToken();
if (!$this->getTokenState()) {
$this->initializeSession();
$this->getTokenValue();
}
}
//end
}
?>
after that if u test the class on another page :
<?php
session_start();
require_once "token.class.php";
$token = new Token();
$token->generateToken();
$token->getTokenValue();
echo $_SESSION['token'];
echo "<br />";
var_dump($value);
?>
the problem is getTokenValue doesnt return any value at all, but the session has, and to think the session get's it's value from the $token_value in the class Token, im really confuse where i went wrong here, hope u guys can give help out and i'd appreciate if you'd give constructive criticism on my class, and my way of implementing OOP so i can enhance it further, thanks
