- // CSRF protection
-
- $token = $this->trimmed('token');
- if (!$token || $token != common_session_token()) {
- $this->showForm(_('There was a problem with your session token. '.
- 'Try again, please.'));
- return;
- }
-
- $user = common_current_user();
- assert(!is_null($user)); // should already be checked
-