 Server : Apache/2 System : Linux server-15-235-50-60 5.15.0-164-generic #174-Ubuntu SMP Fri Nov 14 20:25:16 UTC 2025 x86_64 User : gositeme ( 1004) PHP Version : 8.2.29 Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname Directory : /home/gositeme/.cursor-server/data/User/History/1addcf4c/ |
<?php
/**
* CSRF Protection Helper Functions
*/
/**
* Generate CSRF token
*/
function generateCSRFToken() {
if (!isset($_SESSION['csrf_token'])) {
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
return $_SESSION['csrf_token'];
}
/**
* Verify CSRF token
*/
function verifyCSRFToken($token) {
if (!isset($_SESSION['csrf_token'])) {
return false;
}
return hash_equals($_SESSION['csrf_token'], $token);
}
/**
* Get CSRF token field for forms
*/
function csrfField() {
return '<input type="hidden" name="csrf_token" value="' . htmlspecialchars(generateCSRFToken()) . '">';
}
/**
* Verify CSRF token from POST request
*/
function verifyCSRF() {
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
return true; // Only verify POST requests
}
$token = $_POST['csrf_token'] ?? '';
if (!verifyCSRFToken($token)) {
http_response_code(403);
die('CSRF token verification failed');
}
return true;
}