示例#1
 /**
  * Check the token to prevent CSRF exploits
  *
  * @param   object  The command context
  * @return  boolean Returns FALSE if the check failed. Otherwise TRUE.
  */
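 protected function _checkToken(KCommandContext $context)
 {
     // The token is only enforced when the caller reports that it was dispatched;
     // any other call path passes without a check.
     if (!$context->caller->isDispatched()) {
         return true;
     }

     // GET and OPTIONS are exempt. Every other method (POST, PUT, DELETE, but also
     // HEAD, PATCH, ...) must carry a valid token.
     // NOTE(review): the exemption is only safe if GET/OPTIONS handlers never change
     // state - confirm against the controllers using this check.
     $method = KRequest::method();
     if ($method == KHttpRequest::GET || $method == KHttpRequest::OPTIONS) {
         return true;
     }

     $expected = JUtility::getToken();
     $supplied = KRequest::token();

     // Fail closed: a missing or non-string value on either side can never match.
     if (!is_string($expected) || !is_string($supplied)) {
         return false;
     }

     // Compare the secret in constant time where the runtime offers it (PHP >= 5.6),
     // so the comparison time does not depend on how many leading bytes match.
     if (function_exists('hash_equals')) {
         return hash_equals($expected, $supplied);
     }

     // Older runtimes: fall back to the original strict comparison.
     return $supplied === $expected;
 }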
示例#2
 /**
  * Check the token to prevent CSRF exploits
  *
  * @param   object  The command context
  * @return  boolean Returns FALSE if the check failed. Otherwise TRUE.
  */
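 protected function _checkToken(KCommandContext $context)
 {
     // The token is only enforced when the caller reports that it was dispatched;
     // any other call path passes without a check.
     if (!$context->caller->isDispatched()) {
         return true;
     }

     // GET and OPTIONS are exempt. Every other method (POST, PUT, DELETE, but also
     // HEAD, PATCH, ...) must carry a valid token.
     // NOTE(review): the exemption is only safe if GET/OPTIONS handlers never change
     // state - confirm against the controllers using this check.
     $method = KRequest::method();
     if ($method == KHttpRequest::GET || $method == KHttpRequest::OPTIONS) {
         return true;
     }

     // Joomla 3.0 and later expose the form token through JSession; earlier releases
     // use JUtility.
     $expected = version_compare(JVERSION, '3.0', 'ge') ? JSession::getFormToken() : JUtility::getToken();
     $supplied = KRequest::token();

     // Fail closed: a missing or non-string value on either side can never match.
     if (!is_string($expected) || !is_string($supplied)) {
         return false;
     }

     // Compare the secret in constant time where the runtime offers it (PHP >= 5.6),
     // so the comparison time does not depend on how many leading bytes match.
     if (function_exists('hash_equals')) {
         return hash_equals($expected, $supplied);
     }

     // Older runtimes: fall back to the original strict comparison.
     return $supplied === $expected;
 }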
示例#3
 /**
  * Check the token
  * 
  * @return  boolean Returns FALSE if the token is not valid or the session timed-out. 
  */
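 public function checkToken()
 {
     // Only GET is exempt here; every other method, including OPTIONS and HEAD,
     // must carry a valid token.
     // NOTE(review): the exemption is only safe if GET handlers never change state -
     // confirm against the callers of this check.
     if (KRequest::method() == KHttpRequest::GET) {
         return true;
     }

     $expected = JUtility::getToken();
     $supplied = KRequest::token();

     // Fail closed: a missing or non-string value on either side can never match.
     if (!is_string($expected) || !is_string($supplied)) {
         return false;
     }

     // Compare the secret in constant time where the runtime offers it (PHP >= 5.6),
     // so the comparison time does not depend on how many leading bytes match.
     if (function_exists('hash_equals')) {
         return hash_equals($expected, $supplied);
     }

     // Older runtimes: fall back to the original strict comparison.
     return $supplied === $expected;
 }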