csrf : allow to extend the CSRF token expiration

git-svn-id: https://svn.fournier38.fr/svn/ProgSVN/trunk@4896 bf3deb0d-5f1a-0410-827f-c0cc1f45334c
2019-01-29 10:21:33 +00:00
parent 4486f99b72
commit 5bba18b688


@@ -21,6 +21,7 @@ class csrf
/** Manage the singleton */
public function __construct ()
// {{{
{
if (isset ($GLOBALS["domframework"]["csrf"]))
{
@@ -33,9 +34,11 @@ class csrf
$GLOBALS["domframework"]["csrf"] = $this;
}
}
// }}}
/** This function return the token */
public function createToken ()
// {{{
{
$l = 30; // Number of chars in token
$c = "abcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ";
@@ -47,11 +50,13 @@ class csrf
$_SESSION["domframework"]["csrf"]["csrfStart"] = microtime (TRUE);
return $this->csrfToken;
}
// }}}
/** Check if the provided token is the right token, defined last displayed
* page
* @param string $tokenFromUser The value csrf the user's token */
public function checkToken ($tokenFromUser)
// {{{
{
if ($this->csrf === FALSE )
return TRUE;
@@ -73,9 +78,11 @@ class csrf
}
return TRUE;
}
// }}}
/** Return the CSRF token in a hidden field */
public function displayFormCSRF ()
// {{{
{
if ($this->csrfToken == "")
$this->createToken ();
@@ -83,12 +90,26 @@ class csrf
$res .= "value='$this->csrfToken'/>\n";
return $res;
}
// }}}
/** Return the token if exists or create a new one if needed */
public function getToken ()
// {{{
{
if ($this->csrfToken === "")
$this->createToken ();
return $this->csrfToken;
}
// }}}
/** Add more time to existing CSRF token
* @param string $tokenFromUser The existing token
*/
public function extendToken ($tokenFromUser)
// {{{
{
$this->checkToken ($tokenFromUser);
$_SESSION["domframework"]["csrf"]["csrfStart"] = microtime (TRUE);
}
// }}}
}
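Review bot: extendToken() ignores the result of `$this->checkToken ($tokenFromUser)` and then always rewrites `csrfStart`, so the refresh is only safe if checkToken() throws on every rejection path. Most of checkToken()'s body lies outside the visible hunks, where only its `return TRUE` exits can be seen, so this needs confirming. Making the dependency explicit would keep the session write from happening after a rejected token, for example `if ($this->checkToken ($tokenFromUser) !== TRUE) return;` placed before the assignment. Nothing in the new method limits how many times a token can be extended, so the expiration no longer bounds how long a disclosed token stays usable within a session; consider storing the original creation time and refusing extension beyond a maximum total age. The docblock should also say what the method does on an invalid or expired token, for example `@throws` if checkToken() raises, and that it returns nothing.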