Download the PHP package laswitchtech/php-csrf without Composer
On this page you can find all versions of the php package laswitchtech/php-csrf. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download laswitchtech/php-csrf
More information about laswitchtech/php-csrf
Files in laswitchtech/php-csrf
Package php-csrf
Short Description CSRF Protection Library for PHP Applications
License GPL-3.0-only
FAQ
Example:
In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
- Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
- To use Composer is sometimes complicated. Especially for beginners.
- Composer needs much resources. Sometimes they are not available on a simple webspace.
- If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
- Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Informations about the package php-csrf
phpCSRF - [DEPRECATED] - Use coreCSRF instead
Description
This class is a PHP implementation of a CSRF token generation and validation system. CSRF (Cross-Site Request Forgery) is an attack in which an attacker tricks a user into performing an unwanted action on a website, by sending a forged request on behalf of the user.
Features
- Generates a CSRF token using a cryptographically secure random number generator.
- Uses the default field name 'csrf' for retrieving and validating the token, but allows a custom field name to be set through the constructor.
- Supports setting the length of the token through the generate method, with a default length of 32 bytes.
- Logs error messages to a file using the phpLogger class, with IP address information included in the log entries.
- Configures cookie security settings to help prevent cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks.
Why you might need it?
This class provides a simple implementation of a CSRF token generator and validator in PHP. It is designed to be easy to use, while still providing adequate security measures to prevent CSRF attacks.
CSRF attacks occur when a malicious user tricks an authenticated user into performing an unintended action on a web application. To prevent these attacks, a CSRF token is generated and added to the form that is being submitted. When the form is submitted, the token is validated to ensure that it matches the expected value. If the token is invalid, the request is rejected.
Can I use this?
Sure!
License
This software is distributed under the GNU General Public License v3.0 license. Please read LICENSE for information on the software availability and distribution.
Requirements
- PHP >= 7.0.0
Security
Please disclose any vulnerabilities found responsibly – report security issues to the maintainers privately.
Installation
Using Composer:
