Generates a single-use key to be embedded in a form or used with another non-idempotent
request (a request that changes the state of the server or application), that will match
against a client session token using the check() method.
/** * Tests extracting a key from a `Request` object and matching it against a token. */ public function testTokenFromRequestObject() { $request = new Request(array('data' => array('security' => array('token' => RequestToken::key())))); $this->assertTrue(RequestToken::check($request)); }
/** * 生成token * @param array $config * @return string */ public static function generate(array $config = array()) { self::$_token = RequestToken::key(array('sessionKey' => self::$_session_key, 'salt' => null) + $config); return self::$_token; }