0) $r.=$a{mt_rand(0,$l)}; return $r; } function are_you_sure($query_string, $question) { $token = random_string(20); $_SESSION['random_token'] = $token; output("

\n"); output("

{$question}
\n"); output("\n"); output("\n

"); } function user_is_sure() { if (isset($_POST['really'])) { if ($_POST['random_token'] == $_SESSION['random_token']) return true; else system_failure("Possible Cross-site-request-forgery detected!"); } elseif (isset($_POST['not_really'])) return false; else return NULL; } ?>