Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived General Discussion Anyone else had a good look through the security lib in CI 2.0?
Anyone else had a good look through the security lib in CI 2.0?
  • El Forum
    Guest
  •  
#4
04-16-2010, 01:45 PM

[eluser]pickupman[/eluser]
I was just messing around with this to see what could be made from the libraries. This appears to do what is intended once the config value has been added.
Code:
//Controller
$this->security->csrf_set_cookie(); //Set csrf cookie for a user

//View
echo form_open('controller/method','',array('ci_csrf_token'=>$_COOKIE['ci_csrf_token'])); //Add token as a hidden field in the form

All forms are processed through the Input class when submitted, and will check $_POST array and $_COOKIE array to make sure the token matches and not expired. Hopefully when this is done, will be slightly cleaner like checking the $config key and if set, automatically add the token to a form as a hidden field when using form_open().


Messages In This Thread
Anyone else had a good look through the security lib in CI 2.0? - by El Forum - 04-16-2010, 01:45 PM



Theme © iAndrew 2016 - Forum software by © MyBB