PHP Classes

PHP CSRF Token Generation: Generate tokens to protect against CSRF attacks

Recommend this page to a friend!
     
  Info   Example   View files Files   Install with Composer Install with Composer   Download Download   Reputation   Support forum   Blog    
Ratings Unique User Downloads Download Rankings
Not enough user ratingsTotal: 238 All time: 8,054 This week: 53Up
Version License PHP version Categories
php-csrf-security-cl 1.0.2MIT/X Consortium ...5HTML, PHP 5, Security
Description 

Author

This package can generate tokens to protect against CSRF attacks.

It can create a string that is stored in a session variable and will be used to identify a real user that submits a form in the script that handles the form submission.

The package can verify whether the user really submitted the form checking the token string by comparing the string passed via an URL parameter or an hidden form input.

Tokens are valid for a configurable amount of time and are deleted after they expire.

Picture of Muhammad Umer Farooq
Name: Muhammad Umer Farooq is available for providing paid consulting. Contact Muhammad Umer Farooq .
Classes: 52 packages by
Country: Pakistan Pakistan
Age: 23
All time rank: 84310 in Pakistan Pakistan
Week rank: 49 Up1 in Pakistan Pakistan Up
Innovation award
Innovation award
Nominee: 6x

Example

<?php require_once 'start.php'; ?>
<head>
  <title>PHP Security class example 1</title>
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width, initial-scale=1">
  <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css">
  <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
  <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js"></script>
  <script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js"></script>
</head>
<div class="container">
  <form action='start.php' method="post">
    <div class="form-group">
        <input type='hidden' name='token' value="<?= $security->GenerateTokens(3, 20); ?>" />
      <label for="comment">Comment:</label>
      <textarea class="form-control" rows="5" name='q'></textarea>
      <br>
      <input type='submit' name='submit' class="btn btn-success" value='Submit' />
    </div>
  </form>
</div>


Details

PHP CSRF Class

This package can generate token for csrf security in forms and add token to url

features

1. Generate new token on refresh/reload/open 2. Delete expire tokens automatically 3. Set time ( for tokens after how many time expire) 4. Delete current token (that passed in url) 5. Debug support 6. Verify tokens is exists or not 7. Count tokens 8. Delete unnecessary tokens.

Description

This package can generate tokens to protect against CSRF attacks. It can create a string that is stored in a session variable and will be used to identify a real user that submits a form in the script that handles the form submission. The package can verify whether the user really submitted the form checking the token string by comparing the string passed via an URL parameter or an hidden form input. Tokens are valid for a configurable amount of time and are deleted after they expire.

Input class

get form https://github.com/Lablnet/PHP-Input-Class


  Files folder image Files (8)  
File Role Description
Files folder imageClasses (2 files)
Files folder imagelib (1 file)
Accessible without login Plain text file index.php Example Example script
Accessible without login Plain text file init.php Aux. Auxiliary script
Accessible without login Plain text file LICENSE Lic. License text
Accessible without login Plain text file Readme.md Doc. Documentation
Accessible without login Plain text file start.php Example Example script

  Files folder image Files (8)  /  Classes  
File Role Description
  Plain text file PhpInput.php Class Class source
  Plain text file Security.php Class Class source

  Files folder image Files (8)  /  lib  
File Role Description
  Accessible without login Plain text file input.php Example Example script

The PHP Classes site has supported package installation using the Composer tool since 2013, as you may verify by reading this instructions page.
Install with Composer Install with Composer
 Version Control Unique User Downloads Download Rankings  
 100%
Total:238
This week:0
All time:8,054
This week:53Up