CSRF
in package
CSRF protection token generation and validation.
Tags
Table of Contents
Constants
- TOKEN_KEY = '_csrf_token'
Methods
- field() : string
- Generate a hidden input field containing the CSRF token.
- generateToken() : string
- Generate a new CSRF token and store it in the session.
- token() : string
- Get the current CSRF token, generating one if none exists.
- tokenField() : string
- Generate a hidden input field containing the CSRF token.
- validateToken() : bool
- Validate a submitted token against the session token.
- verify() : bool
- Validate the CSRF token from the current POST request.
Constants
TOKEN_KEY
private
string
TOKEN_KEY
= '_csrf_token'
Session key for CSRF token
Methods
field()
Generate a hidden input field containing the CSRF token.
public
static field() : string
Return values
string —HTML hidden input element
generateToken()
Generate a new CSRF token and store it in the session.
public
static generateToken() : string
Return values
string —The generated token
token()
Get the current CSRF token, generating one if none exists.
public
static token() : string
Return values
stringtokenField()
Generate a hidden input field containing the CSRF token.
public
static tokenField() : string
Return values
string —HTML hidden input element
validateToken()
Validate a submitted token against the session token.
public
static validateToken(string $token) : bool
Parameters
- $token : string
-
The token submitted with the form
Return values
boolverify()
Validate the CSRF token from the current POST request.
public
static verify() : bool