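/**
 * Reject the current request unless it carries the CSRF secret bound to $csrf_role.
 *
 * Nothing is checked when the visitor does not hold $csrf_role. Otherwise the
 * token is looked up under the configured parameter name, first through
 * visitor::p_* and then through visitor::g_* (presumably POST, then GET
 * parameters; confirm against the visitor class).
 *
 * NOTE(review): accepting the token from the second source means it can travel
 * in a URL, where it may end up in access logs, browser history and Referer
 * headers. Prefer body-only tokens for state-changing requests where callers allow.
 *
 * @param mixed $csrf_role Role whose secret must accompany the request.
 *
 * @throws visitor_except With code 403 when the token is missing or does not match.
 */
public static function csrf($csrf_role)
{
    if (!visitor::has_role($csrf_role)) {
        return;
    }

    $csrf_key = config::get_module('url.csrf_key', router::default_csrf_key);

    $role_secret = null;
    if (visitor::p_has($csrf_key)) {
        $role_secret = visitor::p_str($csrf_key);
    } elseif (visitor::g_has($csrf_key)) {
        $role_secret = visitor::g_str($csrf_key);
    }

    $expected = visitor::get_role_secret($csrf_role);

    // Fail closed: an absent token or an absent/empty stored secret must never
    // validate (with `!==`, null on both sides compared as equal and passed).
    // hash_equals() compares in constant time, so response timing does not
    // reveal how many leading bytes of a guessed token were correct.
    $token_ok = is_string($role_secret)
        && is_string($expected)
        && $expected !== ''
        && hash_equals($expected, $role_secret);

    if (!$token_ok) {
        throw new visitor_except('csrf attack', 403);
    }
}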
/**
 * Build a URL for $target, attaching the visitor's CSRF secret for $csrf_role.
 *
 * When the visitor holds $csrf_role, the role secret is set as a parameter on
 * the target before the URL is produced by build_php_url(). The parameter name
 * is the base CSRF key, or the per-module key when the target names a module.
 * Visitors without the role get the plain URL.
 *
 * NOTE(review): the secret becomes part of the generated URL (presumably as a
 * query parameter; confirm in build_php_url), so it can be exposed through
 * logs, history and Referer headers. Keep these links off third-party pages.
 * NOTE(review): the per-module lookup has no fallback when the module has no
 * entry in $module_csrf_keys; confirm every module registers a key.
 *
 * @param mixed $csrf_role   Role whose secret is embedded.
 * @param mixed $target      A target instance, or a value accepted by the target constructor.
 * @param bool  $echo        Passed through to build_php_url().
 * @param bool  $for_html    Passed through to build_php_url().
 * @param bool  $as_absolute Passed through to build_php_url().
 *
 * @return mixed Whatever build_php_url() returns.
 */
public static function build_csrf_url($csrf_role, $target, $echo = true, $for_html = true, $as_absolute = true)
{
    // Normalise the argument to a target object.
    $resolved = ($target instanceof target) ? $target : new target($target);

    // No role, no token: hand back the plain URL.
    if (!visitor::has_role($csrf_role)) {
        return self::build_php_url($resolved, $echo, $for_html, $as_absolute);
    }

    $token = visitor::get_role_secret($csrf_role);

    // Default to the base key; a module target overrides it with its own key.
    $param_name = self::$base_csrf_key;
    if ($resolved->has_module()) {
        $param_name = self::$module_csrf_keys[$resolved->get_module_name()];
    }

    $resolved->set_param($param_name, $token);

    return self::build_php_url($resolved, $echo, $for_html, $as_absolute);
}