_element, $name); $this->addValidator('Csrf') ->setSession() ->setHidden(true); } /** * * get session object * * @return \Cube\Session */ public function getSession() { if (!($this->_session instanceof Session)) { $this->setSession(); } return $this->_session; } /** * * set session object * * @param \Cube\Session $session * * @return \Cube\Validate\Csrf */ public function setSession(Session $session = null) { if ($session === null) { $session = Front::getInstance()->getBootstrap()->getResource('session'); } if (!$session instanceof Session) { $session = new Session(); $session->setNamespace(self::SESSION_NAMESPACE); } $this->_session = $session; return $this; } /** * * create a csrf token for the csrf form element * * @return string */ public function getToken() { return sha1(uniqid(rand(), true)); } /** * * render element * * @return string */ public function render() { $value = $this->getToken(); $variable = array_filter((array)$this->_session->get($this->_name)); array_push($variable, $value); $this->_session->set($this->_name, $variable); return '_endTag; } }