/** * Creates a hidden nonce form field * * @param string $action the action that the nonce should be tied to. * @return string The html fragment */ function createNonceFormField($action) { return sprintf('<input type="hidden" name="%snonce" value="%s">', owa_coreAPI::getSetting('base', 'ns'), owa_coreAPI::createNonce($action)); }
function verifyNonce($nonce) { $action = $this->getParam('do'); if (!$action) { $action = $this->getParam('action'); } $matching_nonce = owa_coreAPI::createNonce($action); //owa_coreAPI::debug("passed nonce: $nonce | matching nonce: $matching_nonce"); if ($nonce === $matching_nonce) { return true; } }