Login   Register  
PHP Classes
elePHPant
Icontem

Token: Generate and check tokens to avoid CSRF attacks

Recommend this page to a friend!
Stumble It! Stumble It! Bookmark in del.icio.us Bookmark in del.icio.us
  Info   View files View files (3)   DownloadInstall with Composer Download .zip   Reputation   Support forum (1)   Blog    
Last Updated Ratings Unique User Downloads Download Rankings  
2009-07-10 (5 years ago) RSS 2.0 feedNot enough user ratingsTotal: 1,006 This week: 1All time: 3,377 This week: 1,432Up
Version License PHP version Categories  
token 1.0.0Public Domain5.0HTML, PHP 5, User Management, Security
Description Author  

This class can be used to generate and check tokens to avoid Cross-Site Request Forgery (CSRF) attacks.

It generates random token strings and stores it as session variable associated to the time when the token was created.

The generated token be used to pass in an hidden input form for later verification against CSRF attacks.

The class can also check if the token is valid by looking at the respective session variable and verifying whether it did not pass more time than a configurable token timeout value.

Picture of Francesco Cirać
Name: Francesco Cirać <contact>
Classes: 3 packages by
Country: Italy Italy
Age: 23
All time rank: 138755 in Italy Italy
Week rank: 473 Up19 in Italy Italy Up

  Files folder image Files  
File Role Description
Accessible without login Plain text file example.php Example Example script
Accessible without login Plain text file readme.txt Doc. Readme file
Plain text file token.class.php Class Token class file

 Version Control Unique User Downloads Download Rankings  
 0%Total:1,006All time:3,377
 This week:1This week:1,432Up
 User Comments (1)  
 
great work!
5 years ago (max costa)
75%StarStarStarStar