Download the PHP package gokhankurtulus/csrf without Composer
On this page you can find all versions of the php package gokhankurtulus/csrf. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download gokhankurtulus/csrf
More information about gokhankurtulus/csrf
Files in gokhankurtulus/csrf
Package csrf
Short Description A simple PHP CSRF class that provides functionality for operating CSRF tokens.
License MIT
FAQ
Example:
In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
- Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
- To use Composer is sometimes complicated. Especially for beginners.
- Composer needs much resources. Sometimes they are not available on a simple webspace.
- If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
- Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Informations about the package csrf
Csrf
A simple PHP CSRF class that provides functionality for operating CSRF tokens.
Installation
You can install the Csrf class using Composer. Run the following command in your project's root directory:
Usage
To use the Csrf class in your PHP script, you need to include the Composer autoloader:
Creating a New Token
You can generate a new CSRF token using the newToken method. The method accepts two parameters: the token name and an optional expiry time in seconds (default is 600 seconds = 10 minutes).
The newToken method returns a stdClass object containing the token information. The object has the following properties:
name: The name of the token.expiry: The expiry timestamp of the token.value: The token value.
Getting a Token
To retrieve a previously generated token, you can use the getToken method. It accepts the token name as a parameter and returns the token object if found, or null if the token does not exist.
Creating an HTML Input Field
The createInput method generates an HTML input field with the CSRF token embedded. It accepts the token name and an optional expiry time (default is 600 seconds or 10 minutes) as parameters. The
method returns the HTML input field as a string or null if the session is not started or the token name is empty.
The generated HTML input field can be used in forms to send the CSRF token value along with other form data.
Verifying a Token
To verify if a submitted token is valid, you can use the verify method. It accepts the token name, an optional parameter to unset the token if it is verified (default is false), and the token
value submitted with the request (can be retrieved from the $_POST superglobal by default).
The verify method returns a boolean value indicating whether the token is valid or not.
Unsetting a Token
To unset a token manually, you can use the unsetToken method. It accepts the token name as a parameter and returns true if the token is successfully unset or false if the session is not started
or the token name is empty.
Session Status
The Csrf class relies on PHP sessions to store and retrieve CSRF tokens. The isSessionStarted method can be used to check if a session is already started.
License
Csrf is open-source software released under the MIT License. Feel free to modify and use it in your projects.
Contributions
Contributions to Csrf are welcome! If you find any issues or have suggestions for improvements, please create an issue or submit a pull request on the GitHub repository.
