ValidateToken
trait ValidateToken
Provides method for validating cross-site request forgery tokens.
Methods
boolean
validateToken(string $token)
Validate a cross-site request forgery token from a form submission.
Details
at line 40
boolean
validateToken(string $token)
Validate a cross-site request forgery token from a form submission.
Forms contain a hidden field with a random token taken from the user's session. This token is used to validate that a form submission did indeed originate from the user, by comparing the value against that stored in the user's session. If they do not match then the request could be a forgery and the form submission should be rejected.