/**
* Disables CSRF protection for all forms.
*/
public static function disableCSRFProtection()
{
self::$CSRFSecret = false;
}
/**
* Enables CSRF protection for all forms.
*
* The given secret will be used for all forms, except if you pass a secret in the constructor.
* Even if a secret is automatically generated if you don't provide a secret, you're strongly advised
* to provide one by yourself.
*
* @param string $secret A secret to use when computing the CSRF token
*/
public static function enableCSRFProtection($secret = null)
{
if (false === $secret) {
return self::disableCSRFProtection();
}
self::$CSRFProtection = true;
if (!is_null($secret)) {
self::$CSRFSecret = $secret;
}
}
