FormRenderer::renderCsrfToken()

string renderCsrfToken(string $tokenId)

Renders a CSRF token.

Use this helper for CSRF protection without the overhead of creating a form.

Check the token in your action using the same token ID.

$csrfProvider = $this->get('security.csrf.tokengenerator'); if (!$csrfProvider->isCsrfTokenValid('rmuser_'.$user->getId(), $token)) { throw new \RuntimeException('CSRF attack detected.'); }

Parameters

string

$tokenId

The ID of the CSRF token

Return Value

string

A CSRF token

Links:

http://api.symfony.com/master/Symfony/Component/Form/FormRenderer.html#method_renderCsrfToken

doc_Symfony

2016-10-28 06:19:08

Comments

Popular Articles

FormRenderer::searchAndRenderBlock() string searchAndRenderBlock(FormView $view, string $blockNameSuffix, array $variables = array()) Searches and renders a block for a gi

FormRenderer class FormRenderer implements FormRendererInterface Renders a form into HTML using a rendering engine. Constants CACHE_KEY_VAR Methods _

FormExtension::renderCsrfToken() renderCsrfToken($tokenId) {@inheritdoc} Parameters $tokenId

FormRendererInterface::renderCsrfToken() string renderCsrfToken(string $tokenId) Renders a CSRF token. Use this helper for CSRF protection without the overhead of creating a f

FormRenderer::renderBlock() string renderBlock(FormView $view, string $blockName, array $variables = array()) Renders a named block of the form theme. Parameter