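app);
        list($node, $cache) = [$service->getCurrent(), $this->app->session->get($token, [])];
        // Reject when the stored record is missing any of its three fields.
        if (empty($cache['node']) || empty($cache['time']) || empty($cache['token'])) return false;
        // Reject on token mismatch, a record older than 600 seconds, or a record issued for another node.
        if ($cache['token'] !== $token || $cache['time'] + 600 < time() || $cache['node'] !== $node) return false;
        return true;
    }

    /**
     * Clear the CSRF record stored in the session under the given key.
     *
     * NOTE(review): with the default null, null is passed straight to the
     * session delete() call; how the session store treats that is not
     * visible here, so confirm it before relying on the default.
     *
     * @param string $name session key of the token record to remove
     */
    public function clearFormToken($name = null)
    {
        $this->app->session->delete($name);
    }

    /**
     * Generate a form CSRF token record and store it in the session.
     *
     * Session entries whose key starts with "csrf" and whose "time" is more
     * than 600 seconds old are removed before the new record is written.
     *
     * @param null|string $node node the token is issued for
     * @return array the stored record, with keys "node", "token" and "time"
     * @throws \Exception when random_bytes() cannot obtain secure randomness
     */
    public function buildFormToken($node = null)
    {
        // A CSRF token must be unguessable. uniqid() is derived from the
        // current time, so it is replaced by 128 bits from the CSPRNG. The
        // "csrf" prefix is kept because the sweep below and the session key
        // layout both depend on it.
        $token = 'csrf' . bin2hex(random_bytes(16));
        $time = time();
        // Drop expired token records so the session does not grow without bound.
        foreach ($this->app->session->all() as $key => $item) {
            if (stripos($key, 'csrf') === 0 && isset($item['time'])) {
                if ($item['time'] + 600 < $time) $this->clearFormToken($key);
            }
        }
        $data = ['node' => NodeService::instance($this->app)->fullnode($node), 'token' => $token, 'time' => $time];
        // The token doubles as the session key, so a lookup by token finds this record.
        $this->app->session->set($token, $data);
        return $data;
    }
}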