Skip to content

joefallon/phpcsrf

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

phpcsrf

By Joe Fallon

A simple library for cross-site request forgery (CSRF) prevention in PHP. It has the following features:

  • Full suite of unit tests.
  • It can be integrated into any existing project.
  • Can be fully understood in just a few moments.
  • Uses a cryptographically secure randomly generated token.

Installation

The easiest way to install PhpCsrf is with Composer. Create the following composer.json file and run the php composer.phar install command to install it.

{
    "require": {
        "joefallon/phpcsrf": "*"
    }
}

Usage

Create a Form Token

Create the form token.

$session = new Session();
$csrf = new CsrfGuard('form-name', $session);
$csrf->generateToken();

Then, store the form token in the form.

<input type="hidden" name="csrf" value="55517f7944ee117160414b601a15e60e1076f5b4">

Validate a Form Token

$session = new Session();
$csrf = new CsrfGuard('form-name', $session);
$csrf->isValidToken('55517f7944ee117160414b601a15e60e1076f5b4');

About

A simple library for CSRF prevention in PHP.

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages