Backup #821
| ID | 821 |
| Dateipfad | /var/www/dev.campus.systemische-tools.de/src/Framework/CsrfService.php |
| Version | 1 |
| Typ | modified |
| Größe | 1.1 KB |
| Hash | 2ea273cac053a355b083afd20e8ada0fc037ecf79690bdab3cd11ef45a064226 |
| Datum | 2025-12-23 08:09:11 |
| Geändert von | claude-code-hook |
| Grund | Claude Code Pre-Hook Backup vor Edit-Operation |
| Datei existiert | Ja |
Dateiinhalt
<?php
namespace Framework;
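/**
 * Session-backed CSRF token helper.
 *
 * Keeps one random token per session under TOKEN_NAME and offers helpers to
 * read it, compare a submitted value against it, rotate it, and render it as
 * a hidden form field.
 *
 * Every method reads or writes $_SESSION directly, so a session must already
 * be active (session_start()) when they are called; without one, values
 * written to $_SESSION are not persisted and validation on the following
 * request fails.
 *
 * Nothing in this class rotates the token on its own; it changes only when
 * regenerateToken() is called.
 * NOTE(review): confirm that callers rotate the token on login and other
 * privilege changes.
 */
class CsrfService
{
    /** Session key and form field name under which the token is kept. */
    private const TOKEN_NAME = '_csrf_token';

    /** Number of random bytes per token; the hex-encoded token is twice as long. */
    private const TOKEN_LENGTH = 32;

    /**
     * Return the session token, creating and storing a new one when the
     * session holds no usable token.
     *
     * @return string Hex-encoded token (2 * TOKEN_LENGTH characters when freshly created).
     *
     * @throws \Exception When random_bytes() cannot gather enough entropy.
     */
    public static function generateToken(): string
    {
        $token = self::storedToken();

        if ($token === null) {
            // random_bytes() is a CSPRNG; bin2hex() keeps the value safe to embed in HTML.
            $token = bin2hex(random_bytes(self::TOKEN_LENGTH));
            $_SESSION[self::TOKEN_NAME] = $token;
        }

        return $token;
    }

    /**
     * Return the current session token, creating one if necessary.
     *
     * Delegates to generateToken() so that an empty or malformed session entry
     * is replaced instead of being handed out as a token that validateToken()
     * would then reject.
     *
     * @return string The session token.
     */
    public static function getToken(): string
    {
        return self::generateToken();
    }

    /**
     * Check a submitted token against the one stored in the session.
     *
     * @param string|null $token Value received from the client; null when the field was absent.
     *
     * @return bool True only when a usable session token exists and matches $token.
     */
    public static function validateToken(?string $token): bool
    {
        $expected = self::storedToken();

        if ($token === null || $expected === null) {
            return false;
        }

        // Constant-time comparison; the known value goes first, the client value second.
        return hash_equals($expected, $token);
    }

    /**
     * Discard the current session token and issue a new one.
     *
     * @return string The newly generated token.
     */
    public static function regenerateToken(): string
    {
        unset($_SESSION[self::TOKEN_NAME]);

        return self::generateToken();
    }

    /**
     * Render the token as a hidden form input named TOKEN_NAME.
     *
     * @return string HTML markup for the hidden input.
     */
    public static function getTokenField(): string
    {
        // Escaped although freshly generated tokens are hex: the session may hold an older value.
        $token = htmlspecialchars(self::getToken(), ENT_QUOTES, 'UTF-8');

        return '<input type="hidden" name="' . self::TOKEN_NAME . '" value="' . $token . '">';
    }

    /**
     * Read the token from the session, accepting only a non-empty string.
     *
     * A missing entry, a non-string value, '' and '0' (the values empty()
     * rejects) all count as "no token", so callers never pass a non-string to
     * hash_equals() or return one from a string-typed method.
     *
     * @return string|null The stored token, or null when none is usable.
     */
    private static function storedToken(): ?string
    {
        $stored = $_SESSION[self::TOKEN_NAME] ?? null;

        if (!is_string($stored) || $stored === '' || $stored === '0') {
            return null;
        }

        return $stored;
    }
}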