This package can be used to prevent CSRF request security attacks, it's a standalone php library for csrf mitigation in web applications. Easy to integrate in any php web app.
Add a composer.json file to your project directory
{
"require": {
"ryadpasha/csrfprotector": "dev-master"
}
}Then open terminal (or command prompt), move to project directory and run
composer installOR
php composer.phar install
This will add CSRFP (library will be downloaded at ./vendor/RyadPasha/CSRFProtector) to your project directory. View packagist.org for more help with composer!
For composer installations: Copy the folder 'vendor' into your your server. For non-composer installations: Download and unzip all the contents in a folder in your server. See detailed information below ..
Let's suppose is you installed it with composer and you have the folder 'vendor' in the root folder at in your server. At the begin of your main script, add this code:
<?php
include_once __DIR__ .'/vendor/ryadpasha/csrfprotector/CSRFProtector.php';
//Initialise CSRFProtector library
$jsPath = "CSRFProtector"; // path where is native.history.js
$csrf = new CSRFProtector($jsPath);
$csrf->run();Simply include the library and call the init() function!
That is all! Anyway it's more powerfull than what might seem.
- Fork the repo
- Create your branch
- Commit your changes
- Create a pull request
This version (master) requires the clients to have Javascript enabled.
For any queries contact me at: me@ryadpasha.com