From: Evan Prodromou Date: Sat, 7 Nov 2009 23:51:57 +0000 (-0500) Subject: add a method to Action to check session token X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=31bbdacbf330c28c5ebc900864ccd148ea1b23e0;p=quix0rs-gnu-social.git add a method to Action to check session token --- diff --git a/lib/action.php b/lib/action.php index 1b2f737521..78ca9137a5 100644 --- a/lib/action.php +++ b/lib/action.php @@ -1101,4 +1101,22 @@ class Action extends HTMLOutputter // lawsuit { return Design::siteDesign(); } + + /** + * Check the session token. + * + * Checks that the current form has the correct session token, + * and throw an exception if it does not. + * + * @return void + */ + + function checkSessionToken() + { + // CSRF protection + $token = $this->trimmed('token'); + if (empty($token) || $token != common_session_token()) { + $this->clientError(_('There was a problem with your session token.')); + } + } }