securephp/securephp
===================

Open-source PHP library for securing PHP applications

1.0.1 (7mo ago) · 18 · MIT · PHP · PHP >=7.4

Since Oct 16 · Pushed 7mo ago

[Source](https://github.com/securephp/securephp) · [Packagist](https://packagist.org/packages/securephp/securephp)

SecurePHP
=========

SecurePHP is a lightweight PHP library for securing your web applications. It provides CSRF protection and session hardening, and includes helpers for handling files and requests.

### ⚡ Installation

1. Copy the `src/` and `test/` folders into your project.
2. Include the required files with `require_once` (or a custom autoloader):

```
require_once __DIR__ . '/src/Session.php';
require_once __DIR__ . '/src/Logger.php';
require_once __DIR__ . '/src/Sanitizer.php';
require_once __DIR__ . '/src/CSRF.php';
require_once __DIR__ . '/src/Security.php';
require_once __DIR__ . '/src/Helpers/FileHelper.php';
require_once __DIR__ . '/src/Helpers/RequestHelper.php';
```

3. Initialize security at the top of every page:

```
use SecurePHP\Security;
use SecurePHP\Session;

Session::start();        // Start the session
$security = new Security();
$security->autoProtect(); // Apply sanitization, CSRF checks, session hardening and headers
```

### 🛡️ Main usage

1. CSRF protection in a form

```

    S'inscrire

```

The CSRF token is verified automatically by `Security::autoProtect()`.

2. Helpers

FileHelper

```
use SecurePHP\Helpers\FileHelper;

if (FileHelper::isSafeFile($_FILES['avatar']['name'])) {
    $safeName = FileHelper::sanitizeFileName($_FILES['avatar']['name']);
}
```

RequestHelper

```
use SecurePHP\Helpers\RequestHelper;

$username = RequestHelper::post('username');
$email    = RequestHelper::post('email');
$ip       = RequestHelper::clientIP();
```

### 🧪 Tests

1. Sanitizer test

```
php test/SanitizerTest.php
```

Example output:

```
=== TEST Sanitizer ===
Résultat nettoyé : &lt;script&gt;alert(1)&lt;/script&gt;
```

2. Security + CSRF test

```
php test/SecurityTest.php
```

Example output:

```
=== TEST SecurePHP ===
CSRF Token généré : 3b9f... (token aléatoire)
```

### 📝 Notes

- Security logs are stored in `logs/security.log`.
- Sessions are hardened (`harden()`): session ID regeneration and binding to IP address and User-Agent.
- User input is automatically sanitized against XSS.
- CSRF tokens are single-use with a configurable expiry (15 minutes by default).
- The file and request helpers secure your uploads and POST/GET data.
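
The single-use, expiring CSRF token behaviour listed in the notes, sketched as an added example. This is not SecurePHP's own code: the function names, the `csrf_token` field name and the session layout are assumptions, and a plain array stands in for `$_SESSION`.

```php
<?php
// Added illustration of single-use CSRF tokens with expiry. Not SecurePHP's
// code: function names, field name and session layout are hypothetical.
declare(strict_types=1);

const CSRF_TTL = 900; // 15 minutes, the default lifetime given in the notes

/** Create a token and store it server-side together with its expiry time. */
function csrf_issue(array &$session, int $now): string
{
    $token = bin2hex(random_bytes(32));
    $session['csrf'][$token] = $now + CSRF_TTL;
    return $token;
}

/** Accept a token at most once, and only before it expires. */
function csrf_consume(array &$session, string $token, int $now): bool
{
    $valid = false;
    foreach ($session['csrf'] ?? [] as $known => $expires) {
        if ($expires < $now) {
            unset($session['csrf'][$known]);   // purge expired tokens
        } elseif (hash_equals((string) $known, $token)) {
            unset($session['csrf'][$known]);   // burn on first match
            $valid = true;
        }
    }
    return $valid;
}

// Constructed demo: a plain array stands in for $_SESSION, the clock is fixed.
$session = [];
$t0 = 1700000000;
$token = csrf_issue($session, $t0);

// Hidden field the form would carry (the field name is an assumption).
printf("<input type=\"hidden\" name=\"csrf_token\" value=\"%s\">\n",
    htmlspecialchars($token, ENT_QUOTES));

var_dump(csrf_consume($session, $token, $t0 + 60));    // first submission
var_dump(csrf_consume($session, $token, $t0 + 61));    // replay of the same token
$late = csrf_issue($session, $t0);
var_dump(csrf_consume($session, $late, $t0 + CSRF_TTL + 1)); // after expiry
var_dump(csrf_consume($session, 'forged-value', $t0)); // never issued
```

In an application, pass `$_SESSION` and `time()` in place of the fixed array and timestamps.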

### Health Score

31 (Low; better than 68% of packages)

- Maintenance: 65. Regular maintenance activity.
- Popularity: 8. Limited adoption so far.
- Community: 8. Small or concentrated contributor base.
- Maturity: 36. Early-stage or recently created project.
- Bus Factor: 1. Top contributor holds 92.3% of commits (single point of failure).

How is this calculated?

**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

### Release Activity

- Cadence: every ~0 days
- Total: 2
- Last release: 214d ago

### Community

Maintainers: securephp

Top Contributors: [fordimalanda](https://github.com/fordimalanda) (12 commits), [securephp](https://github.com/securephp) (1 commit)

Tags: csrf-protection, helpers, logger, php, php-library, sanitizer, security, session-security, web-security, xss-protection, validation, security, encryption, csrf, sanitization

###  Code Quality

Tests: PHPUnit

