function startup(&$controller) { $controller->invalidToken = false; if (isset($controller->data) && !empty($controller->data)) { $this->data =& $controller->data; $tokenKeys = cmsFramework::getToken(false); if (!empty($tokenKeys)) { #Validate token if (!isset($this->data['__Token']['Key']) || !in_array($this->data['__Token']['Key'], $tokenKeys['Keys'])) { // pass back to xajax controller action for alert $controller->invalidToken = true; } else { # Delete used token from session and post data cmsFramework::removeToken($this->data['__Token']['Key']); unset($this->data['__Token']); unset($this->data['__raw']['__Token']); } } } }