Diffstat (limited to 'lib/action.php')
-rw-r--r--lib/action.php18
1 files changed, 18 insertions, 0 deletions
diff --git a/lib/action.php b/lib/action.php
index 1b2f73752..78ca9137a 100644
--- a/lib/action.php
+++ b/lib/action.php
@@ -1101,4 +1101,22 @@ class Action extends HTMLOutputter // lawsuit
{
return Design::siteDesign();
}
+
+ /**
+ * Check the session token.
+ *
+ * Checks that the current form has the correct session token,
+ * and throw an exception if it does not.
+ *
+ * @return void
+ */
+
+ function checkSessionToken()
+ {
+ // CSRF protection
+ $token = $this->trimmed('token');
+ if (empty($token) || $token != common_session_token()) {
+ $this->clientError(_('There was a problem with your session token.'));
+ }
+ }
}
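Review bot: The check `$token != common_session_token()` in checkSessionToken() compares the CSRF token with a loose, non-constant-time operator. With `!=`, PHP compares two numeric-looking strings as numbers, so a submitted value that differs byte-for-byte from the session token could still be treated as equal. Whether the token format allows that is not visible in this hunk, but a strict comparison removes the question. I would write the condition as `if (empty($token) || !hash_equals((string) common_session_token(), $token)) {` where hash_equals() is available, and fall back to `!==` otherwise. The docblock's "throw an exception" holds only if clientError() throws, and its body is outside the hunk, so callers should not assume execution stops here unless that is confirmed.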