$session->CSRF() method

Return an instance of ProcessWire’s CSRF object, which provides an API for cross site request forgery protection.

Examples

// output somewhere in <form> markup when rendering a form
echo $session->CSRF->renderInput();
// when processing form (POST request), check to see if token is present
if($session->CSRF->hasValidToken()) {
  // form submission is valid
  // okay to process
} else {
  // form submission is NOT valid
  throw new WireException('CSRF check failed!');
}

Usage

$sessionCSRF = $session->CSRF();

Return value

See Also


$session methods and properties

API reference based on ProcessWire core version 3.0.137

Twitter updates

  • New post: An introductory look at ProcessWire LoginRegisterPro, a module for providing new user registration, secure logins, profile editing, and more— More
    13 December 2019
  • ProcessWire 3.0.146 on the dev branch contains about 22 commits with a combination of useful upgrades and issue report resolutions, more details in this forum post: More
    22 November 2019
  • ProcessWire 3.0.144 and 3.0.145 add improved field template context override settings and include a new Inputfields API, along with numerous other issue fixes, optimizations and improvements to the core. More
    8 November 2019

Latest news

  • ProcessWire Weekly #292
    In the 292nd issue of ProcessWire Weekly we're going to cover three new modules – Login Register Pro, FieldtypeImageFromPage, and PwQuickFixes – as well as introduce a very interesting new site of the week. Read on!
    Weekly.pw / 14 December 2019
  • Login Register Pro
    This week we’ll take a look at LoginRegisterPro — a new module that provides an all-in-one, self contained module for providing new user registration, secure logins, profile editing, and more. It does this all in a manner that is reliable, efficient, comprehensive and secure.
    Blog / 13 December 2019
  • Subscribe to weekly ProcessWire news

“Indeed, if ProcessWire can be considered as a CMS in its own right, it also offers all the advantages of a CMF (Content Management Framework). Unlike other solutions, the programmer is not forced to follow the proposed model and can integrate his/her ways of doing things.” —Guy Verville, Spiria Digital Inc.