Security
A handful of security-related helper methods, including random password generation, htpasswd-style password protection, and verifying IP ranges.
protect()
Create an HTTP-AUTH dialog with the specified user and password.
Important! This will not work properly if PHP is running in CGI mode. You can try this solution in this case.
@param string $user
The user-name required by the dialog.
@param string $password
The password required by the dialog.
@param string $realm
The realm is a string which specifies which area this access includes. Search Google for HTTP AUTH for more details.
@param string $message
This message is displayed if the user fails to input the correct user/password.
@return bool
Returns true if successful authentication, exits otherwise.
random_password()
Generate a random password of a specified length.
@param integer $length
The length of the password. 10 by default.
@return string
The generated password.
cors()
Uses CORS to allow AJAX requests from cross-domain origins. Sends headers, so it must be called before any output. See here for IE issues.
@param string $allow_origin
The domain to allow, or * to whitelist everything. Defaults to *.
@param string $allow_methods
Allow the method by which to send data. List comma-separated. Defaults to POST, GET, OPTIONS.
has_xss()
Check code for cross-site scripting vulnerabilities (XSS). Returns boolean true if the code contains potential XSS (script tags, etc.) and false if the code is clean.
@param string $string
The string to run XSS detection logic on.
@return boolean
True if the given string contains XSS, false if clean.
ip_in_range()
Checks if an IP address is within the specified range.
Network ranges can be specified as:
1. Wildcard format: 1.2.3.*
2. CIDR format: 1.2.3/24 OR 1.2.3.4/255.255.255.0
3. Start-End IP format: 1.2.3.0-1.2.3.255
The function will return true if the supplied IP is within the range.
@param string|boolean $ip
The IP address to check, or an array of IP addresses to check. If set to false, the current IP will be used.
@param string $range
The IP address range to check in.
@return boolean
Will return true if the specified IP is within the given range.
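One way to evaluate the three range formats listed above, as an added example that is not the library's own ip_in_range() code. The function name example_ip_in_range is hypothetical; it assumes IPv4 only and 64-bit PHP 7.1 or later, and returns false for any input it cannot parse.

```php
<?php
// Added example: hypothetical helper, not the library's ip_in_range() source.
function example_ip_in_range(string $ip, string $range): bool
{
    $addr = ip2long($ip);
    if ($addr === false) {
        return false; // unparseable address: fail closed
    }
    $range = trim($range);
    // Start-End format: 1.2.3.0-1.2.3.255
    if (strpos($range, '-') !== false) {
        [$start, $end] = array_map('ip2long', array_map('trim', explode('-', $range, 2)));
        return $start !== false && $end !== false && $addr >= $start && $addr <= $end;
    }
    // Wildcard format: 1.2.3.* (compared octet by octet)
    if (strpos($range, '*') !== false) {
        $want = explode('.', $range);
        $have = explode('.', long2ip($addr)); // canonical dotted form
        if (count($want) !== 4) {
            return false;
        }
        foreach ($want as $i => $octet) {
            if ($octet !== '*' && $octet !== $have[$i]) {
                return false;
            }
        }
        return true;
    }
    // CIDR format: 1.2.3/24 or 1.2.3.4/255.255.255.0
    if (strpos($range, '/') !== false) {
        [$net, $mask] = explode('/', $range, 2);
        // ip2long() rejects short forms such as "1.2.3", so pad to four octets.
        $net = ip2long(implode('.', array_pad(explode('.', $net), 4, '0')));
        if (strpos($mask, '.') !== false) {
            $mask = ip2long($mask); // dotted netmask
        } elseif (preg_match('/^\d{1,2}$/', $mask) && (int) $mask <= 32) {
            $mask = (0xFFFFFFFF << (32 - (int) $mask)) & 0xFFFFFFFF; // prefix length
        } else {
            $mask = false;
        }
        return $net !== false && $mask !== false && ($addr & $mask) === ($net & $mask);
    }
    // No range syntax: exact match only.
    $single = ip2long($range);
    return $single !== false && $addr === $single;
}
// Constructed sample inputs, one per documented format.
foreach ([['1.2.3.77', '1.2.3.*'], ['1.2.3.77', '1.2.3/24'],
          ['1.2.4.1', '1.2.3.4/255.255.255.0'], ['1.2.3.77', '1.2.3.0-1.2.3.255']] as [$ip, $range]) {
    printf("%s in %s: %s\n", $ip, $range, var_export(example_ip_in_range($ip, $range), true));
}
```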