PHP Classes

PHP CSRF Token Library: Generate and validate tokens to avoid CSRF attacks

Recommend this page to a friend!
  Info   View files Example   View files View files (3)   DownloadInstall with Composer Download .zip   Reputation   Support forum   Blog    
Last Updated Ratings Unique User Downloads Download Rankings
2022-06-30 (5 months ago) RSS 2.0 feedNot yet rated by the usersTotal: 58 All time: 10,227 This week: 138Up
Version License PHP version Categories
csrf-class 1.0GNU Lesser Genera...5HTML, PHP 5, Security
Description Author

This class can generate and validate tokens to avoid CSRF attacks.

It can generate a random token string and store it in a session variable that can be used as a hidden form field to ensure that the user who viewed the form is the same as the one who submitted it.

The class can also validate the token value by checking the session variable to confirm if the token is the same one generated before for the current session user.

Picture of mohammad anzawi
  Performance   Level  
Name: mohammad anzawi <contact>
Classes: 8 packages by
Country: Jordan Jordan
Age: 8
All time rank: 14562 in Jordan Jordan
Week rank: 146 Up1 in Jordan Jordan Up
Innovation award
Innovation award
Nominee: 2x

Details

phptricks :)

CSRF-class :

its easy to use , its simple already

How to Use :

1 - include CSRF-class to your project :

<?php 

include_once("project-dir/libs/Csrf.php");

2 - initialize CSRF-class :


$token = CSRF::init();

3 - check if token its match :


// first method
if($token->checkToken())
{
    // process last action
}
else
{
    // Oops, something error (SCRF Attack)
}

// you can send token value to this method
if($token->checkToken($_POST['token']))
{
    // process last action
}
else
{
    // Oops, something error (SCRF Attack)
}


// other method :

$token->validOrDie(); // any error ??? then kill the page

// process last action

helpers ?

we have only one public helper , its :

csrfField()

this method to create token input field.


<form action="?ok" method="POST">

    <input type="text">
    <br>
    <input type="submit" value="SUBMIT">
    <?php echo $token->csrfField() ?>

</form>

in other hand you can create this field manually and pass token value


<form action="?ok" method="POST">

    <input type="text">
    <br>
    <input type="submit" value="SUBMIT">
    
    <input type="hidden" name="_token" value="<?php echo $token->getToken() ?>">
</form>

I Hope that Help You :)))

License : MIT

  Files folder image Files  
File Role Description
Accessible without login Plain text file Csrf.php Class Class source
Accessible without login Plain text file README.md Doc. Read me
Accessible without login Plain text file test.php Example Example script

 Version Control Unique User Downloads Download Rankings  
 100%
Total:58
This week:0
All time:10,227
This week:138Up