function startup(&$controller)
{
$controller->invalidToken = false;
if (isset($controller->data) && !empty($controller->data)) {
$this->data =& $controller->data;
$tokenKeys = cmsFramework::getToken(false);
if (!empty($tokenKeys)) {
#Validate token
if (!isset($this->data['__Token']['Key']) || !in_array($this->data['__Token']['Key'], $tokenKeys['Keys'])) {
// pass back to xajax controller action for alert
$controller->invalidToken = true;
} else {
# Delete used token from session and post data
cmsFramework::removeToken($this->data['__Token']['Key']);
unset($this->data['__Token']);
unset($this->data['__raw']['__Token']);
}
}
}
}
