From d621438f0cbe896909fcfa7f4ac12e0f97177bd9 Mon Sep 17 00:00:00 2001
From: Dominique Fournier
Date: Tue, 28 Jun 2016 08:43:18 +0000
Subject: [PATCH] CSRF : Allow to get the CSRF token from the CSRF or FORM classes
git-svn-id: https://svn.fournier38.fr/svn/ProgSVN/trunk@2790 bf3deb0d-5f1a-0410-827f-c0cc1f45334c
---
 csrf.php | 8 ++++++++
 form.php | 11 +++++++++++
 2 files changed, 19 insertions(+)
diff --git a/csrf.php b/csrf.php
index 735ba7c..61ee422 100644
--- a/csrf.php
+++ b/csrf.php
@@ -68,4 +68,12 @@ class csrf
 $res .= "value='$this->csrfToken'/>\n";
 return $res;
 }
+
+ /** Return the token if exists or create a new one if needed */
+ public function getToken ()
+ {
+ if ($this->csrfToken === "")
+ $this->createToken ();
+ return $this->csrfToken;
+ }
 }
diff --git a/form.php b/form.php
index d7704f8..4e9aafb 100644
--- a/form.php
+++ b/form.php
@@ -24,6 +24,8 @@ class form
 public $csrf=TRUE;
 /** Name of the CSRF hidden field in HTML page */
 public $csrfField = "CSRF_TOKEN";
+ /** The CSRF token value */
+ private $csrfToken = "";
 /** The method used to send the values */
 private $method = "post";
@@ -193,6 +195,7 @@ class form
 $csrf = new csrf ();
 $csrf->field = $this->formName."[".$this->csrfField."]";
 $res .= $csrf->displayFormCSRF ();
+ $this->csrfToken = $csrf->getToken ();
 }
 // Manage the focus. On the first visible element if there is no error, on
@@ -225,6 +228,14 @@ class form
 $csrf->checkToken ($tokenFromUser);
 }
+ /** Return the token generated in form */
+ public function getToken ()
+ {
+ if ($this->csrfToken === "")
+ $this->createToken ();
+ return $this->csrfToken;
+ }
+
 /** Check if the parameters are correct with the defined fields
 * Need the session !
 * @return array containing the errors
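Review bot: The docblock on the new `csrf::getToken()` does not say what is returned or that the call may create a token as a side effect, and now that the token can be read outside `displayFormCSRF()` callers need to know how to handle it. I would document it as `/** Return the current CSRF token, calling createToken() first if none exists yet. The value is a secret: send it in POST bodies or request headers only, never in URLs or logs. @return string */`. The strict `=== ""` test also relies on `$csrfToken` being initialised to an empty string in the class, which is declared outside this hunk; if it starts as `null` the create branch never runs.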
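Review bot: `form::getToken()` calls `$this->createToken ()`, but nothing in this patch adds a `createToken` method to `form`, and the body looks copied from `csrf::getToken()`; if `form` has no such method (the rest of form.php is outside the hunks), calling `getToken()` before the form has been printed ends in a fatal undefined-method error. The only place `$this->csrfToken` is filled is the `@@ -193` hunk, inside the printing path. Delegating to the csrf class would avoid this, for example by replacing the call with `$csrf = new csrf ();` and `$this->csrfToken = $csrf->getToken ();`. Whether a token handed out that way matches the one later embedded when the form is printed depends on csrf internals not shown here, so the docblock should at least state that the method is meant to be called after printing.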