Usage for RestrictCSRF Class
----------------------------------------
1. Simple add
<input type='hidden' value="<?=RestrictCSRF::generateToken('add_bot_form')?>" name='add_bot_form' id='add_bot_form'>
in the form for which you want the CSRF Protection to be implemented
2. And on POST on the action page check
if(!RestrictCSRF::checkToken(form_name_value, $array_to_be_checked))
{
redirect('index.php');
}
In above:
a. form_name_value: name of the form on the design page
b. $array_to_be_checked: the array which contains the CSRF token ($_POST, $_GET, $_REQUEST) as per the implementation. |