<?php

class SecurityHelper {

    public static function htmlescape_recursive(&$arr) {
        foreach ($arr as $key => $val) {
            if (is_array($val)) {
                self::htmlescape_recursive($arr[$key]);
            } else if (is_string($val)) {
                $arr[$key] = htmlspecialchars($val, ENT_QUOTES);
            }
        }
        return $arr;
    }

    public static function verifyCSRFToken($observedToken) {
        $current_namespace = new Zend_Session_Namespace('csrf_namespace');
        $observed_csrf_token = $observedToken;
        $expected_csrf_token = $current_namespace->authtoken;

        return ($observed_csrf_token == $expected_csrf_token);
    }
}