File: ex6.php

  Classes of Marcos Bezerra  >  Web Open Patch  >  ex6.php  >  Download  
Role: Example script
Content type: text/plain
Description: Example #6: Anti-XSRF Injection
Class: Web Open Patch
Filter values to prevent security exploits
Author: By
Last change:
Date: 2010-01-12 12:01
Size: 738 bytes
 

Contents

<?php

include_once("WebOpenPatch.php");

$wop = new WebOpenPatch();

// Get the anti-XSRF token to embed in the form
$token = wopAntiXsrfInjection();

// PHP_SELF is attacker-influenced, so it is HTML-escaped before use in the action attribute
$form = '<form action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES) . '" method="POST">
         <input type="hidden" name="token" value="' . $token . '" />
         <!-- Rest of the form -->
         <input type="submit" name="enviar" value="Enviar">
         </form>';

if (isset($_POST['enviar']) && $_POST['enviar'] == 'Enviar') { // if the form was posted

    if (wopAntiXsrfInjection(false)) { // check token validity

        // token is valid, continue processing the form data

    } else { // invalid token
        die("Dados inválidos!");
    }

} else { // nothing was posted
    echo $form; // display the form
}

?>
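
The script above shows only the calls to wopAntiXsrfInjection(), not what happens behind them. The following added example (not WebOpenPatch code and not written by the class author) shows one common way such an issue/verify token pair can work, assuming PHP 7+ with sessions; the names csrf_issue() and csrf_check() and the session key are hypothetical.

```php
<?php
// Added illustration, not WebOpenPatch code.
// csrf_issue(), csrf_check() and the 'csrf_token' session key are hypothetical names.

session_start();

/** Create a fresh random token, remember it in the session, and return it. */
function csrf_issue(): string
{
    $token = bin2hex(random_bytes(32));   // 256 bits from the system CSPRNG
    $_SESSION['csrf_token'] = $token;
    return $token;
}

/** Compare the submitted token with the session copy; each token is single use. */
function csrf_check(): bool
{
    $expected = $_SESSION['csrf_token'] ?? '';
    $supplied = $_POST['token'] ?? '';
    unset($_SESSION['csrf_token']);       // a replayed form no longer matches
    return is_string($supplied)           // rejects token[]=... array input
        && $expected !== ''               // rejects requests with no issued token
        && hash_equals($expected, $supplied);  // constant-time comparison
}

if (($_SERVER['REQUEST_METHOD'] ?? 'GET') === 'POST') {
    if (!csrf_check()) {
        http_response_code(403);
        die('Invalid token');
    }
    echo 'Token accepted, form data can be processed.';
} else {
    $action = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');
    $token  = csrf_issue();               // hex only, safe inside the attribute
    echo '<form action="' . $action . '" method="POST">
            <input type="hidden" name="token" value="' . $token . '" />
            <input type="submit" name="enviar" value="Enviar">
          </form>';
}
```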