	Login		Register

File: ex6.php

Recommend this page to a friend!

Stumble It!

Bookmark in del.icio.us

	Classes of Marcos Bezerra	>	Web Open Patch	>	ex6.php	>	Download

File:	`ex6.php`
Role:	Example script
Content type:	`text/plain`
Description:	Example #6: Anti-XSRF Injection
Class:	Web Open Patch Filter values to prevent security exploits
Author:	By Marcos Bezerra
Last change:
Date:	2010-01-12 12:01
Size:	`738 bytes`

Download


<?php



include_once("WebOpenPatch.php");



$wop = new WebOpenPatch();



$token = wopAntiXsrfInjection();



$form = '<form action="' . $_SERVER['PHP_SELF'] . '" method="POST">

         <input type="hidden" name="token" value="' . $token . '" />

         <!-- Restante do formulário -->

         <input type="submit" name="enviar" value="Enviar">

         </form>';



if (isset($_POST['enviar']) && $_POST['enviar'] == 'Enviar') { //se houve post



    if (wopAntiXsrfInjection(false)) { //checa validade do token



        //token é válido, continua processando os dados do form



    } else { //token inválido

        die("Dados inválidos!");

    }



} else { // não houve postagem

    echo $form; //exibe o form

}



?>

Advertise on this site

For more information send a message to info at phpclasses dot org.

File: ex6.php

Contents