csrf : add the checkThenDelete method

form : use the checkThenDelete CSRF method to remove the used token git-svn-id: https://svn.fournier38.fr/svn/ProgSVN/trunk@5460 bf3deb0d-5f1a-0410-827f-c0cc1f45334c
2019-09-10 08:11:14 +00:00
parent 3f7584fab7
commit 5585ae23e8
2 changed files with 15 additions and 1 deletions
--- a/csrf.php
+++ b/csrf.php
@@ -164,4 +164,16 @@ class csrf
    return true;
  }
  // }}}
+
+  /** Check an existing token, then delete it
+    * @param string $tokenFromUser The existing token
+    */
+  public function checkThenDeleteToken ($tokenFromUser)
+  // {{{
+  {
+    $this->checkToken ($tokenFromUser);
+    unset ($_SESSION["domframework"]["csrf"][$tokenFromUser]);
+    return true;
+  }
+  // }}}
 }