Login   Register  
PHP Classes
elePHPant
Icontem

CSRF protector: Prevent CSRF exploits by storing keys in database

Recommend this page to a friend!
Stumble It! Stumble It! Bookmark in del.icio.us Bookmark in del.icio.us
  Info   View files View files (2)   DownloadInstall with Composer Download .zip   Reputation   Support forum (1)   Blog    
Last Updated Ratings Unique User Downloads Download Rankings  
2009-04-12 (5 years ago) RSS 2.0 feedNot enough user ratingsTotal: 800 All time: 3,919 This week: 1,518Up
Version License PHP version Categories  
csrf_class 1.0Public Domain5PHP 5, Databases, User Management, Se...
Description Author  

This class can be used to prevent Cross-site Request Forgery (CSRF) exploits by storing token keys in database.

It can generate a random key and store it in a database record associated to the current session. It uses PEAR MDB2 database abstraction layer to support many types of databases.

The class can also check if the key is valid when the form is submitted with a token hidden input field. If it exists, the key record is deleted from the database to avoid it is reused.

Picture of Michael A. Peters
Name: Michael A. Peters <contact>
Classes: 6 packages by
Country: United States United States
Age: 41
All time rank: 871113 in United States United States
Week rank: 787 Up90 in United States United States Up
Innovation award
Innovation award
Nominee: 2x

  Files folder image Files  
File Role Description
Plain text file csrf_class.php Class Class File
Accessible without login HTML file README.html Doc. Documentation

 Version Control Unique User Downloads Download Rankings  
 0%Total:800All time:3,919
 This week:0This week:1,518Up