PHPackages doowebdev/doo-csrf - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. doowebdev/doo-csrf ActiveLibrary[Security](/categories/security) doowebdev/doo-csrf ================== Doo csrf is a simple, easy to use random token generator for PHP Scripts to prevent csrf - cross site request forgery. 1.0.0(11y ago)07.2k[1 issues](https://github.com/webberdoocom/doo-csrf/issues)2MITPHPPHP >=5.3.0 Since Sep 7Pushed 11y ago1 watchersCompare [ Source](https://github.com/webberdoocom/doo-csrf)[ Packagist](https://packagist.org/packages/doowebdev/doo-csrf)[ Docs](https://github.com/doowebdev/doo-csrf)[ RSS](/packages/doowebdev-doo-csrf/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependenciesVersions (2)Used By (2) Doo-CSRF - ========== [](#doo-csrf--) Doo csrf is a simple random token generator for PHP Scripts to prevent csrf - cross site request forgery. Installation - ============== [](#installation--) To install the latest version of Doo csrf simply add it to your composer.json file in the require section: ``` "doowebdev/doo-csrf": "dev-master" ``` Once the package is installed, you need to initialize the Token class: ``` require 'vendor/autoload.php'; use DooCSRF\Token; ``` The static methods used to generate and check the random token: ``` Token::generate(); //Generates a random token string. Token::check( PLACE-$_POST-NAME-HERE );// Checks if random token is valid. ``` How to Use - ============ [](#how-to-use--) Assuming you are using php classes in your application (you can also use in php procedural code), use the following as an example: In your base controller: ``` use DooCSRF\Token; class BaseController{ protected $data = []; // assign $data to an empty array. public function __construct(){ //assign the token static method to a varibale, in this case it's the token variable create by the data array $this->data['token'] = Token::generate(); } } class SomeclassController extends BaseController { public function someMethod(){ View::display('path/to/a/view', $this->data );//the token variable is past through to the view via the $this->data array. } } ``` In your view add the $token variable in a hidden input within your form, example: ``` someTitle ``` And in a controller method or file that will recieve the post data: ``` use DooCSRF\Token; if( Token::check( $_POST['token'] ) ){ //Protected area. Do somthing, database inserts etc.. } ``` ### Thats it, nice and easy! [](#thats-it-nice-and-easy) ### Health Score 29 — LowBetter than 59% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity18 Limited adoption so far Community11 Small or concentrated contributor base Maturity58 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 4268d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/c50a532d523814ce941dee90566eea36225e02f4e852b311a8b356d2d830c129?d=identicon)[webberdoo](/maintainers/webberdoo) --- Top Contributors [![webberdoocom](https://avatars.githubusercontent.com/u/4840686?v=4)](https://github.com/webberdoocom "webberdoocom (2 commits)") --- Tags sessioncsrfCross-Site-Request-Forgery ### Embed Badge ![Health badge](/badges/doowebdev-doo-csrf/health.svg) ``` [![Health](https://phpackages.com/badges/doowebdev-doo-csrf/health.svg)](https://phpackages.com/packages/doowebdev-doo-csrf) ``` ### Alternatives [aura/session Provides session management functionality, including lazy session starting, session segments, next-request-only ("flash") values, and CSRF tools. 2041.2M69](/packages/aura-session)[paragonie/anti-csrf Paragon Initiative's Anti-CSRF Security Library 307200.6k5](/packages/paragonie-anti-csrf)[owasp/csrf-protector-php CSRF protector php, a standalone php library for csrf mitigation in web applications. Easy to integrate in any php web app. 222348.3k4](/packages/owasp-csrf-protector-php)[kunststube/csrfp A signed token generator for cross site request forgery protection. 52209.5k1](/packages/kunststube-csrfp)[riimu/kit-csrf Secure and simple CSRF library protected against timing and BREACH attacks 6526.1k](/packages/riimu-kit-csrf)[ayesh/stateless-csrf Secret-key based state-less CSRF token generator and validator for PHP 8. State-less means you do not have to store the CSRF token in session or database. 3223.3k](/packages/ayesh-stateless-csrf) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)