function __construct()
{
$this->_session = new CHttpSession();
$this->_session->start();
//session start
$this->_cookie = new CHttpCookie();
$this->_csrfTokenName = $this->_actionName . '_anti_csrf_token';
$this->_inJectParams();
//http 参数注入
$saveModuleConfig = CFactory::loadConfig('safeModuleConfig');
if ($this->_config['csrfTokenValid'] && $this->getRequestType() != 'GET') {
//csrf token验证, get请求不需处理
if (isset($saveModuleConfig['csrfTokenValid']) && $saveModuleConfig['csrfTokenValid'] == 0) {
//绕过csrf token验证
} else {
$this->_validateCsrfToken();
}
}
}
