|Last Updated||Ratings||Unique User Downloads||Download Rankings|
|2009-07-10 (10 years ago)||Not enough user ratings||Total: 1,163||All time: 3,211 This week: 338|
|token 1.0.0||Public Domain||5.0||HTML, PHP 5, User Management, Security|
This class can be used to generate and check tokens to avoid Cross-Site Request Forgery (CSRF) attacks.
== Token == A PHP class for CSRF preventing. = What is Token Token is a simple to use PHP class that implements a session token system for web applications. The purpose is to avoid CSRF (Cross Site Request Forgery) attacks. = About CSRF The Cross Site Request Forgery is a widespread vulnerability in web applications. Using CSRF an attacker can make an user to do things with his own sessions. CSRF is an underestimate threat. It is often forget while it is more dangerous of other attacks (who cares about a stupid XSS)? A very good paper about CSRF is at: http://citp.princeton.edu/csrf/. = Using Token Token usage is very simple. It is explained in the example file. = Token License Token has not a license. Simply do what you want. I just enjoyed coding Token, don't care about. = Author contacts Website: http://sydarex.org Email: email@example.com = Credits Token is inspired by the work of Claudio Guarnieri (nex) of PlayHack on the Seride library (http://www.playhack.net).
|Version Control||Unique User Downloads||Download Rankings|
|User Comments (1)|