/** * Disables CSRF protection for all forms. */ public static function disableCSRFProtection() { self::$CSRFSecret = false; }
/** * Enables CSRF protection for all forms. * * The given secret will be used for all forms, except if you pass a secret in the constructor. * Even if a secret is automatically generated if you don't provide a secret, you're strongly advised * to provide one by yourself. * * @param string $secret A secret to use when computing the CSRF token */ public static function enableCSRFProtection($secret = null) { if (false === $secret) { return self::disableCSRFProtection(); } self::$CSRFProtection = true; if (!is_null($secret)) { self::$CSRFSecret = $secret; } }