Пример #1
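 /**
  * Enforce the CSRF token check for a role on the current request.
  *
  * When the visitor holds $csrf_role, the request must carry that role's
  * secret under the configured CSRF parameter name. The p_* accessors are
  * consulted first, then the g_* accessors (presumably POST, then GET;
  * confirm against the visitor class). Visitors without the role are not
  * checked at all.
  *
  * @param mixed $csrf_role Role identifier passed to visitor::has_role()
  *                         and visitor::get_role_secret().
  * @return void
  * @throws visitor_except With code 403 when the token is missing, the role
  *                        has no usable secret, or the values do not match.
  */
 public static function csrf($csrf_role)
 {
     if (!visitor::has_role($csrf_role)) {
         return;
     }

     // NOTE(review): the parameter name is read from module config here, while
     // build_csrf_url() reads it from static properties. Confirm both resolve
     // to the same name for every module, or generated links will be rejected.
     $csrf_key = config::get_module('url.csrf_key', router::default_csrf_key);

     $supplied = null;
     if (visitor::p_has($csrf_key)) {
         $supplied = visitor::p_str($csrf_key);
     } elseif (visitor::g_has($csrf_key)) {
         // A token carried in the query string can end up in access logs,
         // browser history and Referer headers; prefer the body for
         // state-changing requests where the caller controls the form.
         $supplied = visitor::g_str($csrf_key);
     }

     $expected = visitor::get_role_secret($csrf_role);

     // Fail closed: with a plain `!==`, a role without a secret and a request
     // without a token compared as null === null and passed the check.
     // hash_equals() compares in constant time so that response timing does
     // not reveal how much of a guessed token was correct.
     $valid = is_string($expected) && $expected !== ''
         && is_string($supplied)
         && hash_equals($expected, $supplied);

     if (!$valid) {
         throw new visitor_except('csrf attack', 403);
     }
 }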
Пример #2
 /**
  * Build a URL for $target that carries the CSRF secret of $csrf_role.
  *
  * If the visitor holds the role, its secret is added to the target as a
  * parameter: under the module-specific key when the target names a module,
  * otherwise under the base key. Without the role the target is left
  * unchanged. The final URL is produced by build_php_url().
  *
  * @param mixed $csrf_role   Role whose secret protects the link.
  * @param mixed $target      A target instance, or a value accepted by the
  *                           target constructor.
  * @param bool  $echo        Forwarded unchanged to build_php_url().
  * @param bool  $for_html    Forwarded unchanged to build_php_url().
  * @param bool  $as_absolute Forwarded unchanged to build_php_url().
  * @return mixed Whatever build_php_url() returns.
  */
 public static function build_csrf_url($csrf_role, $target, $echo = true, $for_html = true, $as_absolute = true)
 {
     // Accept either a ready-made target or raw input for its constructor.
     $target = $target instanceof target ? $target : new target($target);

     if (visitor::has_role($csrf_role)) {
         $secret = visitor::get_role_secret($csrf_role);

         // NOTE(review): a module with no entry in $module_csrf_keys yields an
         // undefined-index lookup, so the secret would be attached under a
         // null parameter name. Confirm every module is registered.
         $param_name = $target->has_module()
             ? self::$module_csrf_keys[$target->get_module_name()]
             : self::$base_csrf_key;

         // The secret becomes part of the URL, so it is exposed wherever URLs
         // are recorded (logs, history, Referer). Keep such links same-origin
         // and the secret short-lived.
         $target->set_param($param_name, $secret);
     }

     return self::build_php_url($target, $echo, $for_html, $as_absolute);
 }