PHP Classes

PHP CSRF Token Library: Generate and validate tokens to avoid CSRF attacks

Recommend this page to a friend!
     
  Info   View files Example   View files View files (3)   DownloadInstall with Composer Download .zip   Reputation   Support forum   Blog    
Last Updated Ratings Unique User Downloads Download Rankings
2022-06-30 (1 month ago) RSS 2.0 feedNot yet rated by the usersTotal: 53 This week: 1All time: 10,260 This week: 227Up
Version License PHP version Categories
csrf-class 1.0GNU Lesser Genera...5HTML, PHP 5, Security
Description Author

This class can generate and validate tokens to avoid CSRF attacks.

It can generate a random token string and store it in a session variable that can be used as a hidden form field to ensure that the user who viewed the form is the same as the one who submitted it.

The class can also validate the token value by checking the session variable to confirm if the token is the same one generated before for the current session user.

Picture of mohammad anzawi
  Performance   Level  
Name: mohammad anzawi <contact>
Classes: 8 packages by
Country: Jordan Jordan

Level 1 Star

 Innovation award
Innovation award
Nominee: 2x

Details

phptricks :)

CSRF-class :

its easy to use , its simple already

How to Use :

1 - include CSRF-class to your project :

<?php 

include_once("project-dir/libs/Csrf.php");

2 - initialize CSRF-class :


$token = CSRF::init();

3 - check if token its match :


// first method
if($token->checkToken())
{
    // process last action
}
else
{
    // Oops, something error (SCRF Attack)
}

// you can send token value to this method
if($token->checkToken($_POST['token']))
{
    // process last action
}
else
{
    // Oops, something error (SCRF Attack)
}


// other method :

$token->validOrDie(); // any error ??? then kill the page

// process last action

helpers ?

we have only one public helper , its :

csrfField()

this method to create token input field.


<form action="?ok" method="POST">

    <input type="text">
    <br>
    <input type="submit" value="SUBMIT">
    <?php echo $token->csrfField() ?>

</form>

in other hand you can create this field manually and pass token value


<form action="?ok" method="POST">

    <input type="text">
    <br>
    <input type="submit" value="SUBMIT">
    
    <input type="hidden" name="_token" value="<?php echo $token->getToken() ?>">
</form>

I Hope that Help You :)))

License : MIT

  Files folder image Files  
File Role Description
Accessible without login Plain text file Csrf.php Class Class source
Accessible without login Plain text file README.md Doc. Read me
Accessible without login Plain text file test.php Example Example script

Downloadcsrf-class-2022-06-30.zip 2KB
Downloadcsrf-class-2022-06-30.tar.gz 2KB
Install with ComposerInstall with Composer
 Version Control Unique User Downloads Download Rankings  
 100%
Total:53
This week:1
All time:10,260
This week:227Up

  Applications that use this package  
No pages of applications that use this class were specified.

Add link image If you know an application of this package, send a message to the author to add a link here.

For more information send a message to info at phpclasses dot org.