Token::check (method)

Purpose

Checks if the token in the session matches the token posted in the form

Location

users/classes/Token.php

See Also:

Token::generate (method)

Parameters

This function does not take any arguments

Example

Token::check($token)

Further Documentation:

The token system is a type of two factor authentication system for forms. When a form is generated on screen a token is generated and stored in a session variable. It is then sent in via post with the rest of the form. Token::check makes sure those 2 tokens match. If they do not, it is assumed that some sort of manipulation happened with the form. $token = Input::get('csrf'); if(!Token::check($token)){ include($abs_us_root.$us_url_root.'usersc/scripts/token_error.php'); }