Symfony\Component\Form\FormRendererInterface::renderCsrfToken
Renders a CSRF token.
Use this helper for CSRF protection without the overhead of creating a form. <code> <input type="hidden" name="token" value="<?php $renderer->renderCsrfToken('rm_user_'.$user->getId()) ?>"> </code> Check the token in your action using the same intention. <code> $csrfProvider = $this->get('form.csrf_provider'); if (!$csrfProvider->isCsrfTokenValid('rm_user_'.$user->getId(), $token)) { throw new \RuntimeException('CSRF attack detected.'); } </code>
Signature
public function renderCsrfToken(string
$intention )
Parameters
$intention
— string- The intention of the protected action
Returns
- string
- A CSRF token