<?php

 class SecureLabFormsProtector {
	
	public function __construct() {
	
		return true;
		
	}
	
	public function NewProtectionKeys() {
	
		@ $ProtectionKey = $this->SL_CreateProtectedFormKeys();
		
		return "<input type=\"hidden\" name=\"securelab_seckey\" value=\"" . $ProtectionKey . "\">";
	
	}
	
	public function ValidateProtection() {
	
		$CookieName = $_SESSION["SL_FORMSPROTECTION_COOKIENAME"];
		
		$CookieValue = $_SESSION["SL_FORMSPROTECTION_COOKIEVALUE"];
		
		$IncomingKey = $_SESSION["SL_FORMSPROTECTION_FORMPROTECTIONKEY"];
		
		$_SESSION["SL_FORMSPROTECTION_COOKIENAME"] = null;
		
		$_SESSION["SL_FORMSPROTECTION_COOKIEVALUE"] = null;
		
		$_SESSION["SL_FORMSPROTECTION_FORMPROTECTIONKEY"] = null;
		
		if( $_COOKIE[ $CookieName ] == $CookieValue and $CookieValue != null ) {
			
			setcookie( $CookieName, null, time() - 3600 );
			
			if( $_POST[ "securelab_seckey" ] == $IncomingKey ) {

				return true;
			
			}  else  {
			
				return "ErrorID2/WrongPost";
			
			}
		
		}  else  {
		
			setcookie( $CookieName, null, time() - 3600 );
			
			return "ErrorID1/WrongCookie";
			
		}
	
	}
	
	private function SL_CreateProtectedFormKeys() {
		
		$FormKey = sha1( microtime() . time() . rand() . time() . rand() );
		
		$ProtectedKey = sha1( rand() . rand() . time() . microtime() );
		
		$ProtectedName = substr( md5( rand() . microtime() ), 0, 8 );
		
		$_SESSION["SL_FORMSPROTECTION_COOKIENAME"] = $ProtectedName;
		
		$_SESSION["SL_FORMSPROTECTION_COOKIEVALUE"] = $ProtectedKey;
		
		$_SESSION["SL_FORMSPROTECTION_FORMPROTECTIONKEY"] = $FormKey;
		
		setcookie( $ProtectedName, $ProtectedKey );
		
		return $FormKey;
		
	}
	
	public function SL_WW() {
	
		echo "You have done this";
	
	}
	
 }
	  
	 ?>