private static function validateCSRF($context, GWF_Form $form, $validator) { if (GWF_Form::CSRF_OFF === ($level = $form->getCSRFLevel())) { } else { if (false === ($token = GWF_CSRF::validateToken()) || $token !== $form->getCSRFToken()) { return GWF_HTML::lang('ERR_CSRF'); } } return false; }