PHP Classes

File: usage_csrf.txt

Recommend this page to a friend!
Stumble It! Stumble It! Bookmark in Bookmark in
  Classes of Kumar Saurabh Sinha  >  Filter Class  >  usage_csrf.txt  >  Download  
File: usage_csrf.txt
Role: Documentation
Content type: text/plain
Description: Readme for CSRF
Class: Filter Class
Filter to prevent XSS, SQL injection, CSRF attacks
Author: By
Last change:
Date: 2 years ago
Size: 642 bytes


Class file image Download
Usage for RestrictCSRF Class

1. Simple add

	<input type='hidden' value="<?=RestrictCSRF::generateToken('add_bot_form')?>" name='add_bot_form' id='add_bot_form'>
	in the form for which you want the CSRF Protection to be implemented
2. And on POST on the action page check

	if(!RestrictCSRF::checkToken(form_name_value, $array_to_be_checked))
	In above:
	a. form_name_value: name of the form on the design page
	b. $array_to_be_checked: the array which contains the CSRF token ($_POST, $_GET, $_REQUEST) as per the implementation.