public function get_today_token() { $salt = $this->get_session_salt(); return SecurityTool::get_today_token($salt); }
/** * Add some JS code that add a hidden field * If the hidden field is not present in the POST, SpamFilterComponent considers the request as spam. */ public function antispam($form_dom_id) { $salt = isset($this->_View->viewVars['_alaxos_spam_filter_salt']) ? $this->_View->viewVars['_alaxos_spam_filter_salt'] : null; $token = SecurityTool::get_today_token($salt); /* * Unlock hidden field added by JS to prevent blackholing of form */ $fieldname = SecurityTool::get_today_fieldname($salt); $this->unlockField($fieldname); return $this->AlaxosHtml->script(Router::url(['prefix' => false, 'plugin' => 'Alaxos', 'controller' => 'Javascripts', 'action' => 'antispam', '_ext' => 'js', '?' => ['fid' => $form_dom_id, 'token' => $token]], true), ['block' => true]); }