{"id":36384359,"url":"https://github.com/banujan6/csrf-handler","last_synced_at":"2026-01-11T15:00:52.983Z","repository":{"id":56950443,"uuid":"142273794","full_name":"banujan6/CSRF-handler","owner":"banujan6","description":"A simple CSRF Token protection library for PHP. I t will help you to generate the random unique token and validate it to prevent CSRF attack.","archived":false,"fork":false,"pushed_at":"2021-10-14T18:11:07.000Z","size":23,"stargazers_count":33,"open_issues_count":0,"forks_count":6,"subscribers_count":5,"default_branch":"master","last_synced_at":"2025-10-19T09:17:13.320Z","etag":null,"topics":["csr","csrf","csrf-prevention","csrf-tokens","hack","pentesting","php","php-library","security","web-app"],"latest_commit_sha":null,"homepage":"","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/banujan6.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-07-25T08:52:47.000Z","updated_at":"2024-04-15T09:07:20.000Z","dependencies_parsed_at":"2022-08-21T09:20:26.877Z","dependency_job_id":null,"html_url":"https://github.com/banujan6/CSRF-handler","commit_stats":null,"previous_names":[],"tags_count":7,"template":false,"template_full_name":null,"purl":"pkg:github/banujan6/CSRF-handler","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/banujan6%2FCSRF-handler","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/banujan6%2FCSRF-handler/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/banujan6%2FCSRF-handler/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/banujan6%2FCSRF-handler/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/banujan6","download_url":"https://codeload.github.com/banujan6/CSRF-handler/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/banujan6%2FCSRF-handler/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28309526,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-11T14:58:17.114Z","status":"ssl_error","status_checked_at":"2026-01-11T14:55:53.580Z","response_time":60,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["csr","csrf","csrf-prevention","csrf-tokens","hack","pentesting","php","php-library","security","web-app"],"created_at":"2026-01-11T15:00:24.384Z","updated_at":"2026-01-11T15:00:52.975Z","avatar_url":"https://github.com/banujan6.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"# [DEPRECATED] CSRF-Handler ![version](https://img.shields.io/badge/Version-2.0.1-green.svg) ![stars](https://img.shields.io/github/stars/banujan6/CSRF-handler.svg) ![commit](https://img.shields.io/badge/Commit-Verified-brightgreen.svg)\n\u003cb\u003eCSRF protection\u003c/b\u003e class file for \u003cb\u003ePHP\u003c/b\u003e.\u003cbr\u003e\u003cbr\u003e\n\u003cb\u003eBye Bye, Version 1.0!\u003c/b\u003e\u003cbr\u003e\nWe released version 2 with better implementation. :)\n\n# Please Note: We no longer maintain this project. Please Consider using PHP Frameworks for better built-in security.\n\n# Functions\n\n| Function  | Description |\n| ------------- | ------------- |\n| get()  | Validate CSRF only for GET requests  |\n| post()   | Validate CSRF only for POST requests   |\n| all()   | Validate CSRF for GET \u0026 POST requests   |\n| token()   | Generate CSRF Token   |\n| flushToken()  | Remove all tokens |\n\n\n# Installation\n\n\u003cbr\u003e\n\u003ci\u003e\u003cb\u003eVia Composer\u003c/b\u003e\u003c/i\u003e\n\u003cbr\u003e\n\u003cp\u003e\n\tRequire the package.\n\u003c/p\u003e\n\n```php\n\tcomposer require banujan6/csrf-handler\n```\n\u003cbr\u003e\n\u003cp\u003eUse namespace \u0026 class.\u003c/p\u003e\n\n```php\n\t\u003c?php\n\t\t//If you are using any frameworks, It will load autoload.php automatically. So you don't need.\n\t\trequire_once __DIR__ . '/../../vendor/autoload.php';\n\t\tuse csrfhandler\\csrf as csrf;\n\t?\u003e\n```\n\n\u003cbr\u003e\n\u003cbr\u003e\n\u003ci\u003e\u003cb\u003eIncluding File\u003c/b\u003e\u003c/i\u003e\n\u003cbr\u003e\u003cbr\u003e\n\u003cp\u003eDownload the \u003cb\u003ecsrf.php\u003c/b\u003e file in directory \u003cb\u003esrc\u003c/b\u003e. Then include it in your PHP file.\u003c/p\u003e\n\u003cbr\u003e\u003cbr\u003e\n\n```php\n\u003c?php \n  require_once(\"path/csrf.php\");\n  use csrfhandler\\csrf as csrf;\n?\u003e\n```\n\n# Usages\n\n\u003cp\u003e\n This \u003cb\u003eCSRF-Handler\u003c/b\u003e will look for a \u003ci\u003eform-data\u003c/i\u003e / \u003ci\u003eurl-parameter\u003c/i\u003e called \u003cb\u003e_token\u003c/b\u003e. To verify the request, \u003ci\u003ePOST\u003c/i\u003e request need to have a \u003cb\u003e_token\u003c/b\u003e in \u003ci\u003eform-data\u003c/i\u003e. And \u003ci\u003eGET\u003c/i\u003e request need to have a \u003cb\u003e_token\u003c/b\u003e in \u003ci\u003eurl-parameter\u003c/i\u003e.  \n\u003c/p\u003e\n\n\n### Generating Token\n\n```php\n\u003cform\u003e\n  \u003cinput type=\"hidden\" name=\"_token\" value=\"\u003c?php echo csrf::token(); ?\u003e\"\u003e\n\u003c/form\u003e\n```\n\n### Validating Request\n\n\u003cb\u003eGET Request Only\u003c/b\u003e\n\n```php\n  $isValid = csrf::get(); // return TRUE or FALSE\n  \n  if ( $isValid ) {\n  \n    //Do something if valid\n  \n  } else {\n  \n    //Do something if not vaid\n  \n  }\n```\n\n\u003cb\u003ePOST Request Only\u003c/b\u003e\n\n```php\n  $isValid = csrf::post(); // return TRUE or FALSE\n  \n  if ( $isValid ) {\n  \n    //Do something if valid\n  \n  } else {\n  \n    //Do something if not vaid\n  \n  }\n```\n\n\u003cb\u003eGET \u0026 POST Request\u003c/b\u003e\n\n```php\n  $isValid = csrf::all(); // return TRUE or FALSE\n  \n  if ( $isValid ) {\n  \n    //Do something if valid\n  \n  } else {\n  \n    //Do something if not vaid\n  \n  }\n```\n\n\n### Clear All Active Tokens\n\n```php\n  csrf::flushToken(); // will destroy all active tokens\n```\n\n\n# Examples\n\n\u003cp\u003e\n  You can find basic examples in \u003cb\u003e\u003ci\u003eexample/\u003c/i\u003e\u003c/b\u003e directory. \n  \u003c/p\u003e\n  \n# License\n\nLicensed under MIT\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbanujan6%2Fcsrf-handler","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbanujan6%2Fcsrf-handler","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbanujan6%2Fcsrf-handler/lists"}