PHPackages                             jennchen/duckpatrol - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Security](/categories/security)
4. /
5. jennchen/duckpatrol

ActiveLibrary[Security](/categories/security)

jennchen/duckpatrol
===================

DuckPatrol is a PHP library designed to automatically protect your web applications from Cross-Site Request Forgery (CSRF) attacks.

v1.0.3(2y ago)014MITPHP

Since Jun 22Pushed 2y ago1 watchersCompare

[ Source](https://github.com/jennicorn/duckpatrol)[ Packagist](https://packagist.org/packages/jennchen/duckpatrol)[ RSS](/packages/jennchen-duckpatrol/feed)WikiDiscussions main Synced today

READMEChangelog (4)DependenciesVersions (5)Used By (0)

DuckPatrol: CSRF Protection Library
===================================

[](#duckpatrol-csrf-protection-library)

Overview
--------

[](#overview)

DuckPatrol is a PHP library developed to protect your plain PHP web applications from Cross-Site Request Forgery (CSRF) attacks. It offers a simple way to integrate CSRF protection into your projects by using Composer and providing a script for automation.

Requirements
------------

[](#requirements)

- PHP 7.4 or higher
- Composer installation
- Forms to be protected must be sent using the POST-method
- To run the script, the PHP-process on the target system must have the required write permissions

Installation
------------

[](#installation)

Install DuckPatrol with Composer:

```
composer require jennchen/duckpatrol
```

Usage
-----

[](#usage)

There are two ways to initialize the DuckPatrol library.

### Manual Initialization

[](#manual-initialization)

One way is to manually integrate DuckPatrol into all pages you want to protect from CSRF attacks. You can do this by including the `bootstrap.php` file:

```
require_once 'path/to/vendor/jennchen/duckpatrol/bootstrap.php';
```

### Automatic Initialization

[](#automatic-initialization)

The other way is to use the `init_script.php`. This script searches your entire project for PHP files that contain an HTML form with the POST method. In all these files, the `bootstrap.php` file will be automatically included.

To run the script, you need to navigate to the DuckPatrol folder, which is located in the vendor directory under 'jennchen'. Once you are in the library directory, you can run the script as follows:

```
php init_script.php
```

### Script Configuration

[](#script-configuration)

If you want to set a custom root directory or exclude certain files from the script's process, you can do this in the `config.php`. All information on this can be found in the configuration file itself.

Acknowledgements
----------------

[](#acknowledgements)

Thanks to everyone who supported me greatly during the creation of this library. A special thanks goes to:

- Michael Kraftl
- Michael Wagner
- and everyone who helped with the name search &lt;3

Author
------

[](#author)

**Jennifer Kraftl** - *Developer* - [GitHub](https://github.com/jennicorn)

License
-------

[](#license)

This library is open-source software licensed under the MIT License.

###  Health Score

21

—

LowBetter than 18% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity6

Limited adoption so far

Community7

Small or concentrated contributor base

Maturity44

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~0 days

Total

4

Last Release

739d ago

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/330320?v=4)[jennchen](/maintainers/jennchen)[@jennchen](https://github.com/jennchen)

---

Top Contributors

[![jennicorn](https://avatars.githubusercontent.com/u/117986032?v=4)](https://github.com/jennicorn "jennicorn (6 commits)")

### Embed Badge

![Health badge](/badges/jennchen-duckpatrol/health.svg)

```
[![Health](https://phpackages.com/badges/jennchen-duckpatrol/health.svg)](https://phpackages.com/packages/jennchen-duckpatrol)
```

###  Alternatives

[mews/purifier

Laravel 5/6/7/8/9/10 HtmlPurifier Package

2.0k18.7M143](/packages/mews-purifier)[paragonie/ecc

PHP Elliptic Curve Cryptography library

24820.0k37](/packages/paragonie-ecc)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
