trait ValidateToken

Provides method for validating cross-site request forgery tokens.

Methods

boolean
validateToken(string $token)

Validate a cross-site request forgery token from a form submission.

Details

at line 40
boolean validateToken(string $token)

Validate a cross-site request forgery token from a form submission.

Forms contain a hidden field with a random token taken from the user's session. This token is used to validate that a form submission did indeed originate from the user, by comparing the value against that stored in the user's session. If they do not match then the request could be a forgery and the form submission should be rejected.

Parameters

string $token A form token to validate against the user's session.

Return Value

boolean True if token is valid.