function csrf_post_protect($redirect = SEASURF_ATTACK_ERROR_PAGE) { if (!empty($_POST)) { $token = $this->get_token(); if (!empty($token) && retrieve(REQUEST, 'token', '') === $token) { return true; } if (Session::_check_referer()) { return true; } Session::_csrf_attack($redirect); return false; } else { return true; } }