FormRenderer::renderCsrfToken()

string renderCsrfToken(string $tokenId)

Renders a CSRF token.

Use this helper for CSRF protection without the overhead of creating a form.

Check the token in your action using the same token ID.

$csrfProvider = $this->get('security.csrf.tokengenerator'); if (!$csrfProvider->isCsrfTokenValid('rmuser_'.$user->getId(), $token)) { throw new \RuntimeException('CSRF attack detected.'); }

Parameters

string

$tokenId

The ID of the CSRF token

Return Value

string

A CSRF token

Links:

http://api.symfony.com/master/Symfony/Component/Form/FormRenderer.html#method_renderCsrfToken

doc_Symfony

2016-10-28 06:19:08

Comments

Popular Articles

FormRenderer class FormRenderer implements FormRendererInterface Renders a form into HTML using a rendering engine. Constants CACHE_KEY_VAR Methods _

FormRenderer::searchAndRenderBlock() string searchAndRenderBlock(FormView $view, string $blockNameSuffix, array $variables = array()) Searches and renders a block for a gi

FormRendererInterface::renderCsrfToken() string renderCsrfToken(string $tokenId) Renders a CSRF token. Use this helper for CSRF protection without the overhead of creating a f

FormExtension::renderCsrfToken() renderCsrfToken($tokenId) {@inheritdoc} Parameters $tokenId

FormRenderer::getEngine() FormRendererEngineInterface getEngine() Returns the engine used by this renderer. Return Value FormRendererEngineInterface The rend