CsrfService.php
- Path: src/Framework/CsrfService.php
- Namespace: Framework
- Lines: 51 | Size: 1,233 bytes
- Modified: 2025-12-23 08:09:11 | Scanned: 2025-12-31 10:22:15
Code Hygiene Score: 100
- Dependencies: 100 (25%)
- LOC: 100 (20%)
- Methods: 100 (20%)
- Secrets: 100 (15%)
- Classes: 100 (10%)
- Magic Numbers: 100 (10%)
No issues found.
Classes 1
- CsrfService class, line 9
Functions 5
- generateToken() public, line 14
- getToken() public, line 23
- validateToken() public, line 28
- regenerateToken() public, line 37
- getTokenField() public, line 44
Used by 1
- CsrfTrait.php use
Versions 1
- v1 | 2025-12-23 08:09 | claude-code-hook | modified
  Claude Code pre-hook backup before edit operation
Code
<?php

declare(strict_types=1);

namespace Framework;

// @responsibility: CSRF token generation and validation

class CsrfService
{
    private const TOKEN_NAME = '_csrf_token';
    private const TOKEN_LENGTH = 32;

    public static function generateToken(): string
    {
        if (empty($_SESSION[self::TOKEN_NAME])) {
            $_SESSION[self::TOKEN_NAME] = bin2hex(random_bytes(self::TOKEN_LENGTH));
        }

        return $_SESSION[self::TOKEN_NAME];
    }

    public static function getToken(): string
    {
        return $_SESSION[self::TOKEN_NAME] ?? self::generateToken();
    }

    public static function validateToken(?string $token): bool
    {
        if ($token === null || empty($_SESSION[self::TOKEN_NAME])) {
            return false;
        }

        return hash_equals($_SESSION[self::TOKEN_NAME], $token);
    }

    public static function regenerateToken(): string
    {
        unset($_SESSION[self::TOKEN_NAME]);

        return self::generateToken();
    }

    public static function getTokenField(): string
    {
        $token = htmlspecialchars(self::getToken(), ENT_QUOTES, 'UTF-8');

        return '<input type="hidden" name="' . self::TOKEN_NAME . '" value="' . $token . '">';
    }
}