1. Go to this page and download the library: Download itrack/csrf library. Choose the download type require.
2. Extract the ZIP file and open the index.php.
3. Add this code to the index.php.
<?php
require_once('vendor/autoload.php');
/* Start to develop here. Best regards https://php-download.com/ */
itrack / csrf example snippets
$secret = '948thksehbf23fnoug2p4g2o...'; // well chosen secret
$signer = new \Itrack\CSRF\SignatureGenerator($secret);
if ($_POST) {
if (!$signer->validateSignature($_POST['_token'])) {
header('HTTP/1.0 400 Bad Request');
exit;
}
}
$signer = new \Itrack\CSRF\SignatureGenerator($secret);
// including user id in signature
// 'userid' is an arbitrarily chosen key name
$signer->addKeyValue('userid', $_SESSION['User']['id']);
// including names of valid form fields in signature
$signer->addValue('_token');
$signer->addValue('firstname');
$signer->addValue('lastname');
$signer = new \Itrack\CSRF\SignatureGenerator($secret);
// including user id in signature validation
$signer->addKeyValue('userid', $_SESSION['User']['id']);
// including submitted form fields in signature validation
foreach (array_keys($_POST) as $key) {
$signer->addValue($key);
}
if (!$signer->validateSignature($_POST['_token'])) {
// error
}
html
<form action="" method="post">
printf('<input type="hidden" name="_token" value="%s">', $signer->getSignature());
html
<form action="" method="post">
printf('<input type="hidden" name="_token" value="%s">', $signer->getSignature());
Loading please wait ...
Before you can download the PHP files, the dependencies should be resolved. This can take some minutes. Please be patient.