Merge pull request #53 from jeijei4/patch-2

Added unsetToken and unsetSessionIndex methods to AntiCSRF class
paragonie · Apr 16, 2024 · e415f98 · e415f98
2 parents 563a779 + 5199660
commit e415f98
Showing 1 changed file with 42 additions and 0 deletions.
diff --git a/src/AntiCSRF.php b/src/AntiCSRF.php
@@ -549,4 +549,46 @@ protected static function noHTML(string $untrusted): string
     {
         return \htmlentities($untrusted, ENT_QUOTES, 'UTF-8');
     }
+
+    /**
+     * @param string $formIndex
+     * @return bool
+     */
+    public function unsetToken(string $formIndex): bool
+    {
+        if ($this->useNativeSession) {
+            if (isset($_SESSION[$this->getSessionIndex()][$this->post[$formIndex]])) {
+                unset($_SESSION[$this->getSessionIndex()][$this->post[$formIndex]]);
+                return true;
+            }
+            return false;
+        }
+
+        if (isset($this->session[$this->getSessionIndex()][$this->post[$formIndex]])) {
+            unset($this->session[$this->getSessionIndex()][$this->post[$formIndex]]);
+            return true;
+        }
+        return false;
+    }
+
+    /**
+     * @param string $sessionIndex
+     * @return bool
+     */
+    public function unsetSessionIndex(string $sessionIndex): bool
+    {
+        if ($this->useNativeSession) {
+            if (isset($_SESSION[$sessionIndex])) {
+                unset($_SESSION[$sessionIndex]);
+                return true;
+            }
+            return false;
+        }
+
+        if (isset($this->session[$sessionIndex])) {
+            unset($this->session[$sessionIndex]);
+            return true;
+        }
+        return false;
+    }
 }