lithium\template\helper\Security::requestToken()

public method

Generates a request key used to protect your forms against CSRF attacks. See the RequestToken class for examples and proper usage.

Parameters

  • array $options

    Options used as HTML when generating the field.

Returns

string

Returns a hidden <input /> field containing a request-specific CSRF token key.

Source

	public function requestToken(array $options = []) {
		$defaults = ['name' => 'security.token', 'id' => false];
		$options += $defaults;
		$requestToken = $this->_classes['requestToken'];

		$flags = array_intersect_key($this->_config, ['sessionKey' => '', 'salt' => '']);
		$value = $requestToken::key($flags);

		$name = $options['name'];
		unset($options['name']);
		return $this->_context->form->hidden($name, compact('value') + $options);
	}