Base Controller

It checks for a form token in the request. This function is used in conjunction with \JHtml::_('form.token') or \JSession::getFormToken.

  • string $method - The request method in which to look for the token key.
  • boolean $redirect - Whether to implicitly redirect user to the referrer page on failure or simply return false.
  • return boolean - True if found and valid, otherwise return false or redirect to referrer page.
public function checkToken($method = 'post', $redirect = true)
$valid = \JSession::checkToken($method);

if (!$valid && $redirect)
$referrer = $this->input->server->getString('HTTP_REFERER');

if (!\JUri::isInternal($referrer))
$referrer = 'index.php';

$app = \JFactory::getApplication();
$app->enqueueMessage(\JText::_('JINVALID_TOKEN_NOTICE'), 'warning');

return $valid;