Security CSRF

CSRF

Embeded image in some hacker website.

 
# Cross Site Request Forgery 
# 
# If it happend that you are logged on shop.com ...
# and you browse hacker-site.com ...
# you'll make a purchase, even if you don't want to!

<img src="https://www.shop.com/checkout.php?isbn=0312863551">

Token method

The token method involves the use of a randomly generated token.

 
<?php

    # The token is stored in the user's session ...
    # when the user accesses the form page

    session_start();

    if (isset($_POST['btn_submit'])) {
        if (isset($_SESSION['token']) &&
            isset($_POST['token']) &&
                  $_POST['token'] == $_SESSION['token']) { # Look Here
           echo 'Accepted';
        } else {
            echo 'Denied';
        }
    }

    $token = md5(uniqid(rand(), TRUE));
    $_SESSION['token'] = $token;
?>

<form method="POST">
    <input type="hidden" name="token" value="<?= $token; ?>"/>
    <input type="submit" name="btn_submit"/>
</form>

 Last update: 547 days ago

minte9 LearnRemember / PHP

CSRF

Token method

minte9
LearnRemember / PHP