hadi / csrf
CSRF protection - PHP security classes to avoid vulnerabilities
Installs: 15
Dependents: 0
Suggesters: 0
Security: 0
Stars: 2
Watchers: 4
Forks: 0
Open Issues: 0
Type:package
Requires
- php: >=5.3.0
This package is auto-updated.
Last update: 2024-04-18 20:12:11 UTC
README
CSRF protection - PHP security classes to avoid vulnerabilities
Installation
composer require hadi/csrf
Usage
Add CSRF token to form
<?php session_start(); require_once __DIR__ . '/PATH_TO_YOUR_AUTOLOAD/vendor/autoload.php'; $csrf = new \Hadi\Csrf(); ?> <form action="" method="post"> <label for="name">Name</label> <input type="text" name="name" id="name"> <label for="age">Age</label> <input type="text" name="age" id="age"> <input type="hidden" name="_token" value="<?= $csrf->token() ?>"> <button type="submit" name="submit">Submit</button> </form>
Then check CSRF token in your form submission area -
session_start(); require_once __DIR__ . '/PATH_TO_YOUR_AUTOLOAD/vendor/autoload.php'; $csrf = new \Hadi\Csrf(); if(isset($_POST['submit'])) { if($csrf->validRequest()) { // Valid request } else { // invalid request } } $csrf->reset(); // or $csrf->deleteToken();
Have fun!