steveclifton/phpcsrftokens
最新稳定版本:v1.4
Composer 安装命令:
composer require steveclifton/phpcsrftokens
包简介
Simple PHP CSRF token generator and verifier
README 文档
README
PHP Csrf Tokens
PHP Csrf Tokens is a simple session & cookie based csrf token generator and verifier.
Installation
Via Composer
$ composer require steveclifton/phpcsrftokens
Usage
For ease of use, all PHP Csrf Tokens methods have been made static to make generation and verification as simple as possible.
Following the OWASP guidelines, the verifyToken() method does not reset the tokens after each request, enabling double submission of the form.
Requires superglobal $_SESSION to be set.
<?php require_once __DIR__ /*Path To File*/; use steveclifton\phpcsrftokens\Csrf; session_start(); if (!empty($_GET['a'])) { echo '<pre>' . print_r($_POST, true) . '</pre>'; echo 'Verification has been : ' . (Csrf::verifyToken('home') ? 'successful' : 'unsuccessful'); } ?> <!DOCTYPE html> <html> <head><title>Test Script</title></head> <body> <form action="?a=submit" method="POST"> <?php echo Csrf::getInputToken('home') ?> <input type="text" name="name" placeholder="Test Input"><br> <button>Submit!</button> </form> </body> </html>
Contributing
Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.
License
统计信息
- 总下载量: 3.57k
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 11
- 点击次数: 1
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2019-03-01