Protect ajax/cron files a unique and secured token - Prestashop 1.7

[BonPresta]

How protect file with a unique and secured token?

 

For example my file - ajax.php

 

include_once(dirname(__FILE__) . '/../../config/config.inc.php');
include_once(dirname(__FILE__) . '/../../init.php');
include_once(_PS_MODULE_DIR_.'bonnewsletter/classes/ClassNewsletter.php');

if (Tools::getValue('ajax') == 1) {
    $email = pSQL(trim(Tools::getValue('bon_newsletter_email', '')));
    $check = ClassNewsletter::isNewsletterRegistered($email);
    if (Tools::isEmpty($email) || !Validate::isEmail($email)) {
        die(Tools::jsonEncode(array('success' => 3, 'error' => 'Invalid email address.')));
    } else {
        if ($check > 0) {
            die(Tools::jsonEncode(array('success' => 1, 'error' => 'This email address is already registered.')));
        } else {
            if (!ClassNewsletter::isRegistered($check)) {
                if (Configuration::get('NW_VERIFICATION_EMAIL')) {
                    if ($check == ClassNewsletter::GUEST_NOT_REGISTERED) {
                        ClassNewsletter::registerGuest($email, false);
                    }
                } else {
                    ClassNewsletter::register($email, $check);
                }
                die(Tools::jsonEncode(array('success' => 0, 'error' => 'You have successfully subscribed to this newsletter.')));
            }
        }
    }
}

 

For any ideas, thank you very much!

[BonPresta]

Maybe

if (Configuration::get('PS_TOKEN_ENABLE') == 1 &&
    strcmp(Tools::getToken(false), Tools::getValue('token')) && Tools::getValue('ajax') == 1) {
...

}

 

Edited December 21, 2017 by BonPresta (see edit history)