There is no license information available for the latest version (2.1.0) of this package.

Simple CSRF protection

2.1.0 2016-11-02 20:40 UTC

This package is not auto-updated.

Last update: 2022-01-22 04:54:41 UTC


Build Status Code Climate Test Coverage Latest Stable Version


Easily protect against CSRF attacks.


This library is published on packagist. To install using Composer, add the "athens/csrf": "0.1.*" line to your "require" dependencies:

    "require": {
        "athens/csrf": "1.*",

Of course, if you're not using Composer then you can download the repository using the Download ZIP button at right.


Using this package requires only two lines:

    // Import the CSRF class
    use Athens\CSRF\CSRF;
    // Intialize

The method ::init() will automatically insert a hidden CSRF token field into your forms:

    <!--output html-->
        <input type=hidden name=csrf_token value=37328bc2cac3e73623bc38ab0f4068ee7fa1>

This token will be included automatically in any of your form submissions.

Incase you perform form submission via AJAX, ::init() also inserts a CSRF_TOKEN variable into your javascript:

    <!--output html-->
        <script>var CSRFTOKEN = '37328bc2cac3e73623bc38ab0f4068ee7fa1';</script>

This token will not automatically be included in your AJAX requests, but you may include it manually by referring to the CSRFTOKEN var in your submission script.


  • PHP 5.5, 5.6, 7.0


See GitHub issue tracker.

Getting Involved

Feel free to open pull requests or issues. GitHub is the canonical location of this project.

Here's the general sequence of events for code contribution:

  1. Open an issue in the issue tracker.
  2. In any order:
  • Submit a pull request with a failing test that demonstrates the issue/feature.
  • Get acknowledgement/concurrence.
  1. Revise your pull request to pass the test in (2). Include documentation, if appropriate.