Token::check (method)

Return to Knowledgebase

Purpose

Checks if the token in the session matches the token posted in the form

Location

users/classes/Token.php

See Also:

Token::generate (method)

Parameters

This function does not take any arguments

Example

Token::check($token)

Further Documentation:

The token system is a type of two factor authentication system for forms. When a form is generated on screen a token is generated and stored in a session variable. It is then sent in via post with the rest of the form.
Token::check makes sure those 2 tokens match. If they do not, it is assumed that some sort of manipulation happened with the form.


$token = Input::get('csrf');

if(!Token::check($token)){

include($abs_us_root.$us_url_root.'usersc/scripts/token_error.php');

}