Form token functions

Author: Crecket

src/SecureFuncs.php

@@ -50,6 +50,19 @@ public static function encrypt($input, $key = false)
         return array('Key' => $key, 'Encrypted' => $ciphertext);
     }
 
+    /**
+     * Checks if the given id and token match > If not the form has been sent twice or the ID is incorrect
+     * @param $id
+     * @return md5hash
+     */
+    public function getFormToken($id, $token)
+    {
+        if (empty($_SESSION['formtoken'][$id])) {
+            return false;
+        }
+        return md5($_SESSION['formtoken'][$id]) == $token;
+    }
+
     /**
      * @param $password -> password to hash
      * @return bool|string
@@ -69,6 +82,17 @@ public static function password_verify($password, $hash)
         return password_verify(base64_encode(hash('sha256', $password, true)), $hash);
     }
 
+    /**
+     * Sets a new random token using the given id
+     * @param $id
+     * @return md5hash
+     */
+    public function setFormToken($id)
+    {
+        $_SESSION['formtoken'][$id] = $this->randomString(100);
+        return md5($_SESSION['formtoken'][$id]);
+    }
+
     /**
      * @param int $length
      * @return string