/**
  * 验证csrf token, 验证成功后删除
  */
 private function _validateCsrfToken()
 {
     $valid = false;
     $csrfSessionToken = $this->_session->getSession($this->_csrfTokenName);
     if (!empty($this->csrfToken) && !empty($csrfSessionToken) && $this->csrfToken == $csrfSessionToken) {
         if ($this->csrfToken === $csrfSessionToken) {
             $valid = true;
         }
     }
     if (!$valid) {
         throw new CException(array('asdfasfasf'), '');
     }
 }