PHP Classes

Great overview

Recommend this page to a friend!

      PHP Classes blog  >  Why Would You Want to...  >  All threads  >  Great overview  >  (Un) Subscribe thread alerts  
Subject:Great overview
Summary:csrf token
Messages:5
Author:Terry Woody
Date:2023-01-17 22:18:56
Update:2023-01-18 21:46:59
 

  1. Great overview   Reply   Report abuse  
Picture of Terry Woody Terry Woody - 2023-01-18 03:17:29
Great overview and information!

Do you know of a good tutorial that shows actual form code using csrf tokens?

Like to present this to a class, but want to learn more before doing so.

Thanks.

  2. Re: Great overview   Reply   Report abuse  
Picture of Manuel Lemos Manuel Lemos - 2023-01-18 03:24:21 - In reply to message 1 from Terry Woody
Hello Terry,

Thank you for the feedback. I am glad you liked the articles.

I have an old tutorial that mentions defensive programming practices here:

phpclasses.org/blog/post/65-8-defen ...

This tutorial mentions a plug-in for a forms generation and processing package named secure_submit. The package is here:

phpclasses.org/package/1-PHP-HTML-f ...

Would you be interested that I create a tutorial about generating HTML to avoid CSRF attacks using the CSRF token mentioned in the article?

  3. Re: Great overview   Reply   Report abuse  
Picture of Terry Woody Terry Woody - 2023-01-18 06:20:42 - In reply to message 2 from Manuel Lemos
"Would you be interested that I create a tutorial about generating HTML to avoid CSRF attacks using the CSRF token mentioned in the article?"

That would make a good tutorial. Lots of misinformation on the subject and really not lot of good working example code.

I enjoy your posts, keep them coming.

  4. Re: Great overview   Reply   Report abuse  
Picture of Manuel Lemos Manuel Lemos - 2023-01-18 06:33:09 - In reply to message 3 from Terry Woody
Hello Terry,

I will try to make time to write a new tutorial for the forms package on secure submit buttons that avoid CSRF attacks.

Thank you again for your feedback. I am not a native English speaker, so I may not be expressing myself clearly.

When you say "Lots of misinformation on the subject and really not lot of good working example code." are you talking of the defensive programming article that was written many years ago?

  5. Re: Great overview   Reply   Report abuse  
Picture of Terry Woody Terry Woody - 2023-01-18 21:46:59 - In reply to message 4 from Manuel Lemos
"When you say "Lots of misinformation on the subject and really not lot of good working example code." are you talking of the defensive programming article that was written many years ago?"

No, no Manuel. Not speaking of your article. What I was trying to say: there are lots of misinformation on the web in general. Your articles are top quality.

No worries about not speaking native English. I am not a native speaker of your language:)

I am not one of those pesky Americans that thinks the world should speak English!

Thank you and looking forward to the future article.