Navigation

Zend\Form\Element\Csrf

The Csrf element pairs with the Zend/Form/View/Helper/FormHidden to provide protection from CSRF attacks on forms, ensuring the data is submitted by the user session that generated the form and not by a rogue script. Protection is achieved by adding a hash element to a form and verifying it when the form is submitted.

Basic Usage of Zend\Form\Element\Csrf

This element automatically adds a "type" attribute of value "hidden".

1
2
3
4
5
6
7
use Zend\Form\Element;
use Zend\Form\Form;

$csrf = new Element\Csrf('csrf');

$form = new Form('my-form');
$form->add($csrf);

Available Methods

The following methods are in addition to the inherited methods of Zend\Form\Element.

getInputSpecification

getInputSpecification()

Returns a input filter specification, which includes a Zend\Filter\StringTrim filter and a Zend\Validator\Csrf to validate the CSRF value.

Returns array

Project Versions

Table Of Contents

This Page

Navigation

© Copyright 2012, Zend Technologies Ltd.. Created using Sphinx 1.1.3.
TEST Brought to you by Read the Docs
Edit this document

Edit this document

The source code of this file is hosted on GitHub. Everyone can update and fix errors in this document with few clicks - no downloads needed.

  1. Go to Zend\Form\Element\Csrf on GitHub.
  2. Edit file contents using GitHub's text editor in your web browser
  3. Fill in the Commit message text box at the end of the page telling why you did the changes. Press Propose file change button next to it when done.
  4. On Send a pull request page you don't need to fill in text anymore. Just press Send pull request button.
  5. Your changes are now queued for review under project's Pull requests tab on GitHub.