
https://github.com/banujan6/csrf-handler

A simple CSRF token protection library for PHP. It helps you generate a random, unique token and validate it to prevent CSRF attacks.

csr csrf csrf-prevention csrf-tokens hack pentesting php php-library security web-app


# [DEPRECATED] CSRF-Handler ![version](https://img.shields.io/badge/Version-2.0.1-green.svg) ![stars](https://img.shields.io/github/stars/banujan6/CSRF-handler.svg) ![commit](https://img.shields.io/badge/Commit-Verified-brightgreen.svg)
CSRF protection class file for PHP.


Bye Bye, Version 1.0!

We released version 2 with a better implementation. :)

# Please note: We no longer maintain this project. Please consider using PHP frameworks for better built-in security.

# Functions

| Function | Description |
| ------------- | ------------- |
| get() | Validate CSRF only for GET requests |
| post() | Validate CSRF only for POST requests |
| all() | Validate CSRF for GET & POST requests |
| token() | Generate CSRF Token |
| flushToken() | Remove all tokens |

# Installation



Via Composer



Require the package.

```bash
composer require banujan6/csrf-handler
```


Use namespace & class.

```php

```





Including File



Download the csrf.php file from the src directory, then include it in your PHP file.




```php

```

# Usage


CSRF-Handler looks for a form-data field or URL parameter named `_token`. To be verified, a POST request must carry `_token` in its form data, and a GET request must carry `_token` as a URL parameter.
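The check described above, sketched as an added example: this is not CSRF-Handler's source, and the function names, session key, single-use policy and expiry are assumptions of the sketch. Only the `_token` field name comes from this README.

```php
<?php
// Added illustration, NOT the csrf-handler source. All function names are hypothetical.
declare(strict_types=1);

const TOKEN_FIELD = '_token';      // parameter name given in this README
const SESSION_KEY = 'csrf_tokens'; // assumed session slot, chosen for this sketch

/** Create a random token, record it in the session store, and return it. */
function issueToken(array &$session): string
{
    $token = bin2hex(random_bytes(32)); // 256 bits from the CSPRNG
    $session[SESSION_KEY][$token] = time();
    return $token;
}

/** True only if $params carries an unexpired token issued for this session. */
function validateToken(array &$session, array $params, int $maxAge = 3600): bool
{
    $sent = $params[TOKEN_FIELD] ?? null;
    if (!is_string($sent) || $sent === '') {
        return false; // missing, empty, or array-valued (_token[]=x)
    }
    foreach ($session[SESSION_KEY] ?? [] as $known => $issuedAt) {
        // hash_equals compares in constant time, so timing does not leak a prefix match
        if (hash_equals((string) $known, $sent)) {
            unset($session[SESSION_KEY][$known]); // single use: a replay will fail
            return (time() - $issuedAt) <= $maxAge;
        }
    }
    return false;
}

// Constructed demo: plain arrays stand in for $_SESSION and $_POST.
$session = [];
$token = issueToken($session);
var_dump(validateToken($session, [TOKEN_FIELD => $token])); // first submission
var_dump(validateToken($session, [TOKEN_FIELD => $token])); // replay of a used token
var_dump(validateToken($session, [TOKEN_FIELD => ['x']]));  // array instead of string
var_dump(validateToken($session, []));                      // field absent
```

In a real page, pass `$_SESSION` (after `session_start()`) and `$_POST` in place of the arrays. A token sent as a GET URL parameter can also end up in server logs and Referer headers.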

### Generating Token

```php

```

### Validating Request

GET Request Only

```php
$isValid = csrf::get(); // returns TRUE or FALSE

if ($isValid) {
    // Do something if valid
} else {
    // Do something if not valid
}
```

POST Request Only

```php
$isValid = csrf::post(); // returns TRUE or FALSE

if ($isValid) {
    // Do something if valid
} else {
    // Do something if not valid
}
```

GET & POST Request

```php
$isValid = csrf::all(); // returns TRUE or FALSE

if ($isValid) {
    // Do something if valid
} else {
    // Do something if not valid
}
```

### Clear All Active Tokens

```php
csrf::flushToken(); // will destroy all active tokens
```

# Examples


You can find basic examples in the example/ directory.



# License

Licensed under MIT