Symfony\Bundle\FrameworkBundle\Templating\Helper\FormHelper::csrfToken
Returns a CSRF token.
Use this helper for CSRF protection without the overhead of creating a form. <code> echo $view['form']->csrfToken('rm_user_'.$user->getId()); </code> Check the token in your action using the same intention. <code> $csrfProvider = $this->get('form.csrf_provider'); if (!$csrfProvider->isCsrfTokenValid('rm_user_'.$user->getId(), $token)) { throw new \RuntimeException('CSRF attack detected.'); } </code>
Signature
public function csrfToken(string
$intention )
Parameters
$intention
— string- The intention of the protected action
Returns
- string
- A CSRF token
Errors/Exceptions
-
BadMethodCallException
- When no CSRF provider was injected in the constructor.