web\Request validateCsrfToken()

validateCsrfToken() public method

Performs the CSRF validation.

This method will validate the user-provided CSRF token by comparing it with the one stored in cookie or session. This method is mainly called in yii\web\Controller::beforeAction().

Note that the method will NOT perform CSRF validation if $enableCsrfValidation is false or the HTTP method is among GET, HEAD or OPTIONS.

public boolean validateCsrfToken ( $token = null )
$token string

The user-provided CSRF token to be validated. If null, the token will be retrieved from the $csrfParam POST field or HTTP header. This parameter is available since version 2.0.4.

return boolean

Whether CSRF token is valid. If $enableCsrfValidation is false, this method will return true.

doc_Yii
2016-10-30 17:16:07
Comments
Leave a Comment

Please login to continue.