$session->CSRF() method

Return an instance of ProcessWire’s CSRF object, which provides an API for cross site request forgery protection.

Examples

// output somewhere in <form> markup when rendering a form
echo $session->CSRF->renderInput();
// when processing form (POST request), check to see if token is present
if($session->CSRF->hasValidToken()) {
  // form submission is valid
  // okay to process
} else {
  // form submission is NOT valid
  throw new WireException('CSRF check failed!');
}

Usage

$sessionCSRF = $session->CSRF();

Return value

See Also


$session methods and properties

API reference based on ProcessWire core version 3.0.137

Twitter updates

  • New post: This week we’ll take a look at a new version of FormBuilder that's on the way (with a screencast), as well as the latest version of the core: ProcessWire 3.0.140— More
    6 September 2019
  • We added WebP image support this year and many have been adopting it in existing projects. We look at a process used for migrating existing websites to WebP images— from preliminary considerations to implementation & testing, w/lots of tips & tricks too: More
    16 August 2019
  • Core version 3.0.137 on the dev branch adds the ability to hook multiple methods at once, in a single call. This post details how it works and provides a useful example of how you might put it to use in your development environment— More
    2 August 2019

Latest news

  • ProcessWire Weekly #279
    This week in the 279th issue of ProcessWire Weekly we're going to introduce some of the latest third party modules out there, and highlight a brand new site of the week. Read on!
    Weekly.pw / 14 September 2019
  • ProcessWire 3.0.140 and FormBuilder v40
    This week we’ll take a look at a new version of FormBuilder that's on the way (with a screencast), as well as the latest version of the core: ProcessWire 3.0.140.
    Blog / 6 September 2019
  • Subscribe to weekly ProcessWire news

“Indeed, if ProcessWire can be considered as a CMS in its own right, it also offers all the advantages of a CMF (Content Management Framework). Unlike other solutions, the programmer is not forced to follow the proposed model and can integrate his/her ways of doing things.” —Guy Verville, Spiria Digital Inc.