File: usage_csrf.txt

  Classes of Kumar Saurabh Sinha  >  Filter Class  >  usage_csrf.txt  >  Download  
Role: Documentation
Content type: text/plain
Description: Readme for CSRF
Class: Filter Class
Filter to prevent XSS, SQL injection, CSRF attacks
Date: 2013-08-21 06:03
Size: 642 bytes
 

Usage for RestrictCSRF Class
----------------------------------------

1. Simply add

	<input type='hidden' value="<?=RestrictCSRF::generateToken('add_bot_form')?>" name='add_bot_form' id='add_bot_form'>
	
	to the form for which you want CSRF protection.
	
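2. On POST, call RestrictCSRF::checkToken(form_name_value, $array_to_be_checked) on the action page:

	// redirect() is not a PHP built-in; it is assumed to be the application's own helper
	if (!RestrictCSRF::checkToken('add_bot_form', $_POST))
	{
		redirect('index.php');
		exit; // stop handling the request once the token check fails
	}
	
	In the above call:
	
	a. form_name_value ('add_bot_form' here): the name of the form on the design page
	b. $array_to_be_checked ($_POST here): the array that contains the CSRF token ($_POST, $_GET or $_REQUEST), depending on the implementation.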
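
The two steps above follow the usual per-form token pattern: issue a random value when the form is rendered, then compare it when the form is submitted. The sketch below is an added example, not the Filter Class source. The class name DemoFormToken, the $_SESSION storage and the single-use behaviour are assumptions made for illustration.

```php
<?php
// Added illustration: a hypothetical per-form token helper, NOT the Filter Class code.
// Assumptions: tokens live in $_SESSION, keyed by form name, and are single-use.
final class DemoFormToken
{
    public static function generateToken(string $form): string
    {
        $token = bin2hex(random_bytes(32));        // 256 bits from the CSPRNG
        $_SESSION['csrf'][$form] = $token;         // remembered server-side only
        return $token;
    }

    public static function checkToken(string $form, array $input): bool
    {
        $expected = $_SESSION['csrf'][$form] ?? null;
        unset($_SESSION['csrf'][$form]);           // consume the token, even on failure
        $given = $input[$form] ?? null;
        if (!is_string($expected) || !is_string($given)) {
            return false;                          // no token issued, none sent, or array-typed field
        }
        return hash_equals($expected, $given);     // constant-time comparison
    }
}

// Constructed walk-through. Under a web server call session_start() first;
// on the CLI $_SESSION is used here as a plain array so the file runs stand-alone.
$_SESSION = [];

// Case 1: the form was rendered and then posted back with its token.
$issued = DemoFormToken::generateToken('add_bot_form');
var_dump(DemoFormToken::checkToken('add_bot_form', ['add_bot_form' => $issued]));

// Case 2: the same token is submitted a second time (it was consumed in case 1).
var_dump(DemoFormToken::checkToken('add_bot_form', ['add_bot_form' => $issued]));

// Case 3: a request arrives without the hidden field, as a cross-site POST would.
DemoFormToken::generateToken('add_bot_form');
var_dump(DemoFormToken::checkToken('add_bot_form', []));

// Case 4: the field is sent as an array (add_bot_form[]=x) instead of a string.
DemoFormToken::generateToken('add_bot_form');
var_dump(DemoFormToken::checkToken('add_bot_form', ['add_bot_form' => ['x']]));
```

Passing $_POST rather than $_REQUEST as the array to check keeps the token out of URLs, where it would end up in logs and Referer headers.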