validateCsrfToken() public method
Performs the CSRF validation.
This method will validate the user-provided CSRF token by comparing it with the one stored in cookie or session. This method is mainly called in yii\web\Controller::beforeAction().
Note that the method will NOT perform CSRF validation if $enableCsrfValidation is false or the HTTP method is among GET, HEAD or OPTIONS.
public boolean validateCsrfToken ( $token = null ) | ||
---|---|---|
$token | string |
The user-provided CSRF token to be validated. If null, the token will be retrieved from the $csrfParam POST field or HTTP header. This parameter is available since version 2.0.4. |
return | boolean |
Whether CSRF token is valid. If $enableCsrfValidation is false, this method will return true. |
Please login to continue.