PHP Classes

How Can a PHP CSRF Token Library Protect Sites Against Cross-Site Request Forgery Security Attacks Using the Package Anti CSRF: Generate and validate one-time use CSRF tokens

Last Updated: 2026-06-15 (19 days ago)
Ratings: Not yet rated by the users
Unique User Downloads: Total: Not yet counted
Download Rankings: Not yet ranked
Version: anticsrf 1.0
License: BSD License
PHP version: 7
Categories: HTML, Security, PHP 7
Description

This package can generate and validate one-time use CSRF tokens.

It provides a class that generates tokens and stores them in session variables.

The class can generate an HTML form input field that contains the generated token value.

It can also verify whether a token value is valid and clear the token from the session variable that was used to store it.

Author

Name: MD.Shoeb Lincoln <contact>
Classes: 2 packages
Country: Bangladesh
Innovation award nominee: 1x

Example

<?php
require_once '../classes/AntiCSRF.php';

$csrf = new AntiCSRF();
$error = '';

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Token submitted by the hidden form field; empty string if it is missing
    $token = $_POST['csrf_token'] ?? '';
    if ($csrf->validate($token)) {
        // Process form data safely (e.g., save to DB)
        $success = "Form submitted successfully!";
        // Optionally redirect to avoid resubmission
        // header('Location: same-page');
        // exit;
    } else {
        $error = "Invalid or expired CSRF token. Please try again.";
    }
}
?>
<!DOCTYPE html>
<html>
<head>
    <title>AntiCSRF - Simple Form Example</title>
    <style>
        body { font-family: Arial; margin: 2em; }
        .error { color: red; }
        .success { color: green; }
        input, button { padding: 8px; margin: 5px; }
        form { border: 1px solid #ccc; padding: 20px; width: 300px; }
    </style>
</head>
<body>
    <h2>Protected Form</h2>
    <?php if (!empty($error)): ?>
        <div class="error"><?= htmlspecialchars($error) ?></div>
    <?php elseif (isset($success)): ?>
        <div class="success"><?= htmlspecialchars($success) ?></div>
    <?php endif; ?>
    <form method="post">
        <label>Your Name:</label>
        <input type="text" name="username" required>
        <label>Message:</label>
        <textarea name="message" rows="3"></textarea>
        <?= $csrf->field() ?> <!-- hidden token inserted here -->
        <button type="submit">Send</button>
    </form>
</body>
</html>
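
A minimal sketch of the mechanism the description outlines: a token kept in the session, emitted as a hidden field, checked once and then cleared. This is an added example, not the package's AntiCSRF.php source; the class name OneTimeCsrfSketch and the session key are assumptions, and csrf_token is the field name used in the form example above.

```php
<?php
declare(strict_types=1);

// Hypothetical class for illustration; not the package's AntiCSRF source.
final class OneTimeCsrfSketch
{
    private const SESSION_KEY = 'csrf_token_sketch'; // assumed session slot
    private const FIELD_NAME  = 'csrf_token';        // field name from the page's form example

    public function __construct()
    {
        // The token lives in the session, so a session must be active.
        if (session_status() !== PHP_SESSION_ACTIVE) {
            session_start();
        }
    }

    // Create a fresh unpredictable token and store it server-side.
    public function generate(): string
    {
        $token = bin2hex(random_bytes(32)); // 256 bits from the CSPRNG
        $_SESSION[self::SESSION_KEY] = $token;
        return $token;
    }

    // Hidden input carrying a new token, escaped for an HTML attribute.
    public function field(): string
    {
        return sprintf(
            '<input type="hidden" name="%s" value="%s">',
            self::FIELD_NAME,
            htmlspecialchars($this->generate(), ENT_QUOTES, 'UTF-8')
        );
    }

    // Validate a submitted token exactly once.
    public function validate($submitted): bool
    {
        $expected = $_SESSION[self::SESSION_KEY] ?? null;
        // Clear first: every attempt, valid or not, consumes the stored
        // token, so a captured value cannot be replayed.
        unset($_SESSION[self::SESSION_KEY]);

        // Reject a missing token and non-string input (e.g. csrf_token[]=x).
        if (!is_string($expected) || !is_string($submitted) || $submitted === '') {
            return false;
        }
        return hash_equals($expected, $submitted); // constant-time comparison
    }
}
```

Because this sketch keeps a single session slot, rendering the form in a second tab replaces the token issued to the first tab.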


Files (10)

File                      Role     Description
.github/                  (1 directory)
ajax_handler.php          Example  Example script
ajax_token.php            Example  Example script
AntiCSRF.php              Class    Class source
anticsrf_guide.html       Doc.     Documentation
example_ajax_form.php     Example  Example script
example_simple_form.php   Example  Example script
index.html                Doc.     Documentation
LICENSE                   Lic.     License text
README.md                 Doc.     Documentation

Files (10) / .github

File                      Role     Description
workflows/                (1 file)

Files (10) / .github / workflows

File                      Role     Description
static.yml                Data     Auxiliary data
