PHP code example of kunststube / csrfp

1. Go to this page and download the library: Download kunststube/csrfp library. Choose the download type require.

2. Extract the ZIP file and open the index.php.

3. Add this code to the index.php.

    
        
<?php
require_once('vendor/autoload.php');

/* Start to develop here. Best regards https://php-download.com/ */

kunststube / csrfp example snippets



    
     '948thksehbf23fnoug2p4g2o...'; // well chosen secret

    $signer = new Kunststube\CSRFP\SignatureGenerator($secret);

    if ($_POST) {
        if (!$signer->validateSignature($_POST['_token'])) {
            header('HTTP/1.0 400 Bad Request');
            exit;
        }
    }


$signer->setValidityWindow(time() - 3600);
$signer->setValidityWindow('-1 hour');
$signer->setValidityWindow(new DateTime('-1 hour'));


$signer->addValue('foo');
$signer->addKeyValue('bar', 'baz');



    $signer = new Kunststube\CSRFP\SignatureGenerator($secret);
    
    // including user id in signature
    // 'userid' is an arbitrarily chosen key name
    $signer->addKeyValue('userid', $_SESSION['User']['id']);
    
    // including names of valid form fields in signature
    $signer->addValue('_token');
    $signer->addValue('firstname');
    $signer->addValue('lastname');


$signer = new Kunststube\CSRFP\SignatureGenerator($secret);

// including user id in signature validation
$signer->addKeyValue('userid', $_SESSION['User']['id']);

// including submitted form fields in signature validation
foreach (array_keys($_POST) as $key) {
    $signer->addValue($key);
}

if (!$signer->validateSignature($_POST['_token'])) {
    // error
}