Zabbix
Public
Source
xxxxxxxxxx<?php declare(strict_types = 0);/*** Copyright (C) 2001-2025 Zabbix SIA**** This program is free software: you can redistribute it and/or modify it under the terms of** the GNU Affero General Public License as published by the Free Software Foundation, version 3.**** This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;** without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.** See the GNU Affero General Public License for more details.**** You should have received a copy of the GNU Affero General Public License along with this program.** If not, see <https://www.gnu.org/licenses/>.**//** * A class for generating and checking CSRF token. */class CCsrfTokenHelper { /** * @deprecated For backward compatibility of modules. Use CSRF_TOKEN_NAME instead. */ public const CSRF_TOKEN_NAME = CSRF_TOKEN_NAME; /** * Generates CSRF token that is used in forms. * * @param string $action action that controller should perform. * * @return string Returns CSRF token in string format. */ public static function get(string $action): string { return CEncryptHelper::sign(CWebUser::$data['secret'].$action); } /** * Checks if input form CSRF token is correct. * * @param string $csrf_token_form CSRF token from submitted form. * @param string $action controller action. * * @return bool true if the token is correct. */ public static function check(string $csrf_token_form, string $action): bool { return CEncryptHelper::checkSign(self::get($action), $csrf_token_form); }}