/**
* @return Session
*/
public function getFreshSession()
{
// set up CSRF token stuff
$placeholder = Config::inst()->get('LiveFilesystemPublisher', 'security_token_placeholder');
if ($placeholder) {
$sessionKey = SecurityToken::inst()->getName();
// This duplicates the SessionToken functionality exactly
// But only requires the one class from Silverstripe
LivePubHelper::require_session();
LivePubHelper::add_init_code('
function new_security_token() {
require_once("' . BASE_PATH . '/framework/security/RandomGenerator.php");
$generator = new RandomGenerator();
return $_SESSION["' . $sessionKey . '"] = $generator->randomToken("sha1");
}
$security_token = isset($_SESSION["' . $sessionKey . '"]) ? $_SESSION["' . $sessionKey . '"] : new_security_token();
', 'LiveSecurityToken');
return new Session(array($sessionKey => $placeholder));
} else {
return new Session(null);
}
}
