KMP PHP API Reference

PublicIdBehavior extends Behavior
in package

PublicId Behavior

Generates non-sequential, secure public identifiers for entities. Prevents ID enumeration attacks by using Base62 random strings.

Tags
see

/docs/7.1-security-best-practices.md PublicIdBehavior documentation

Table of Contents

Constants

CHARSET  = 'abcdefghijkmnopqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789'
Characters used in public ID generation (Base62)

Properties

$_defaultConfig  : array<string, mixed>
Default configuration

Methods

beforeFind()  : SelectQuery
Before find callback
beforeSave()  : void
Before save callback
findByPublicId()  : SelectQuery
Custom finder to lookup by public ID
generatePublicId()  : string
Generate a unique public ID
getByPublicId()  : EntityInterface|null
Get entity by public ID
implementedFinders()  : array<string, string>
Implemented finders
initialize()  : void
Initialize behavior
_generateRandomString()  : string
Generate random string using charset

Constants

CHARSET

Characters used in public ID generation (Base62)

protected mixed CHARSET = 'abcdefghijkmnopqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789'

Excludes visually similar characters for better human readability:

  • No 0/O confusion
  • No 1/l/I confusion

Properties

$_defaultConfig

Default configuration

protected array<string, mixed> $_defaultConfig = ['field' => 'public_id', 'length' => 8, 'regenerate' => false, 'implementedFinders' => ['publicId' => 'findByPublicId'], 'implementedMethods' => ['getByPublicId' => 'getByPublicId', 'generatePublicId' => 'generatePublicId']]

Methods

beforeFind()

Before find callback

public beforeFind(EventInterface $event, SelectQuery $query, ArrayObject $options) : SelectQuery

Allows finding by public_id in conditions automatically

Parameters
$event : EventInterface

Event

$query : SelectQuery

Query

$options : ArrayObject

Options

Return values
SelectQuery

beforeSave()

Before save callback

public beforeSave(EventInterface $event, EntityInterface $entity, ArrayObject $options) : void

Generates public ID for new entities or regenerates for existing ones if configured

Parameters
$event : EventInterface

Event

$entity : EntityInterface

Entity

$options : ArrayObject

Options

findByPublicId()

Custom finder to lookup by public ID

public findByPublicId(SelectQuery $query, array<string|int, mixed> $options) : SelectQuery
Parameters
$query : SelectQuery

Query

$options : array<string|int, mixed>

Options array with 'publicId' key

Return values
SelectQuery

generatePublicId()

Generate a unique public ID

public generatePublicId() : string

Uses cryptographically secure random bytes for unpredictability. Checks uniqueness in database and regenerates if collision occurs.

Return values
string

Generated public ID

getByPublicId()

Get entity by public ID

public getByPublicId(string $publicId[, array<string|int, mixed> $options = [] ]) : EntityInterface|null

Convenience method similar to Table::get() but using public ID

Parameters
$publicId : string

Public ID

$options : array<string|int, mixed> = []

Additional options for find

Tags
throws
RecordNotFoundException

When record not found

Return values
EntityInterface|null

implementedFinders()

Implemented finders

public implementedFinders() : array<string, string>
Return values
array<string, string>

initialize()

Initialize behavior

public initialize(array<string|int, mixed> $config) : void
Parameters
$config : array<string|int, mixed>

Configuration

_generateRandomString()

Generate random string using charset

protected _generateRandomString(int $length) : string
Parameters
$length : int

Length of string to generate

Return values
string

Random string


        

        
    




    

    

                                

                

                                
    

        On this page

        
    


                

                            

            

    

        

            
Search results