public function verify()
{
if (!$this->_enabled) {
return;
}
if ($this->_useCookie) {
$token_server = $this->cookies->get($this->_name);
} else {
$token_server = $this->session->get($this->_name);
}
if ($token_server === null) {
throw new CsrfTokenException('The CSRF token could not be verified: missing in server');
} else {
if ($this->request->get($this->_name)) {
$token_client = $this->request->get($this->_name);
} else {
if ($this->request->hasServer($this->_header)) {
$token_client = $this->request->getServer($this->_header);
}
}
if (!isset($token_client)) {
throw new CsrfTokenException('The CSRF token could not be verified: missing in client');
}
if ($token_client !== $token_server) {
throw new CsrfTokenException('The CSRF token could not be verified: not match');
}
}
}
