Plib_XH

CsrfProtector
in package

Flexible and unintrusive CSRF protection

This class maintains an unguessable random CSRF token in $_SESSION, but does not actually start the session. So it will only work if a session is started somewhere else (that is the case for administrators of CMSimple_XH, and users of Register_XH and Memberpages, and maybe some other plugins).

Tags
final
since
1.5

Table of Contents

Methods

check()  : bool
Wether the given `$token` matches the CSRF token
token()  : string
Retrieves the CSRF token

Methods

check()

Wether the given `$token` matches the CSRF token

public check(string|null $token) : bool
Parameters
$token : string|null
Return values
bool

token()

Retrieves the CSRF token

public token() : string
Return values
string 

        

        
    




    

    

                                

                

                                
    

        On this page

        
    


                

                            

            

    

        

            
Search results