Example: How to use Cross-Site Request Forgery (CSRF) form protection
- 1: <?php
- 3: /**
- 4: * Nette\Forms Cross-Site Request Forgery (CSRF) protection example.
- 5: */
- 25: // Step 2: Check if form was submitted?
- 28: // Step 2c: Check if form is valid
- 35: // this is the end, my friend :-)
- 37: }
- 38: }
- 42: // Step 3: Render form
- 43: ?>
- 44: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
- 45: <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
- 46: <head>
- 47: <meta http-equiv="content-type" content="text/html; charset=utf-8" />
- 48: <meta http-equiv="content-language" content="en" />
- 50: <title>Nette\Forms CSRF protection example | Nette Framework</title>
- 52: <style type="text/css">
- 53: <!--
- 54: .required {
- 55: color: darkred
- 56: }
- 58: fieldset {
- 59: padding: .5em;
- 60: margin: .3em 0;
- 61: background: #EAF3FA;
- 62: border: 1px solid #b2d1eb;
- 63: }
- 65: input.button {
- 66: font-size: 120%;
- 67: }
- 69: th {
- 70: width: 8em;
- 71: text-align: right;
- 72: }
- 73: -->
- 74: </style>
- 75: </head>
- 77: <body>
- 78: <h1>Nette\Forms CSRF protection example</h1>
- 81: </body>
- 82: </html>