@NirmalAriyathilake
NirmalAriyathilake / index.php
Last active October 26, 2018 11:59
Synchronizer Token Pattern - Index.php
<!DOCTYPE HTML>
<html>
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>Synchronizer Token Pattern</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm" crossorigin="anonymous">
</head>
@NirmalAriyathilake
NirmalAriyathilake / server.php
Last active October 26, 2018 12:06
Synchronizer Token Pattern - Server.php
<?php
session_start();
if(isset($_POST['sessionid'])){
ob_end_clean(); // buffer clean
generateToken($_POST['sessionid']);
}
if(isset($_POST['submit'])){
@NirmalAriyathilake
NirmalAriyathilake / logout.php
Last active October 26, 2018 11:56
Synchronizer Token Pattern - logout.php
<?php
session_start();
// remove the PHPSESSID cookie from the browser (empty value, expiry in the past)
if ( isset( $_COOKIE[session_name()] ) )
    setcookie( session_name(), '', time()-3600, '/' );
//clear session from globals
$_SESSION = array();
//clear session from disk
session_destroy();
@NirmalAriyathilake
NirmalAriyathilake / client.php
Last active October 26, 2018 12:06
Synchronizer Token Pattern - client.php
<!DOCTYPE HTML>
<html>
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>Synchronizer Token Pattern</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm" crossorigin="anonymous">
<script>
@NirmalAriyathilake
NirmalAriyathilake / server.php
Created October 26, 2018 12:23
Double Submit Cookies Pattern - server.php
<?php
session_start();
// validate login
if(isset($_POST['submit'])){
ob_end_clean(); // buffer clean
validate($_POST['username'],$_POST['password']);
}
@NirmalAriyathilake
NirmalAriyathilake / logout.php
Created October 26, 2018 12:23
Double Submit Cookies Pattern - logout.php
<?php
session_start();
// remove the PHPSESSID cookie from the browser (empty value, expiry in the past)
if ( isset( $_COOKIE[session_name()] ) )
    setcookie( session_name(), '', time()-3600, '/' );
//clear session from globals
$_SESSION = array();
//clear session from disk
session_destroy();
@NirmalAriyathilake
NirmalAriyathilake / index.php
Created October 26, 2018 12:23
Double Submit Cookies Pattern - index.php
<!DOCTYPE HTML>
<html>
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>Double Submit Cookies Pattern</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm" crossorigin="anonymous">
</head>
@NirmalAriyathilake
NirmalAriyathilake / client.php
Created October 26, 2018 12:23
Double Submit Cookies Pattern - client.php
<!DOCTYPE HTML>
<html>
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>Double Submit Cookies Pattern</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm" crossorigin="anonymous">
</head>
@NirmalAriyathilake
NirmalAriyathilake / index.php
Last active October 27, 2018 03:42
OAuth And Social Login - index.php
<!DOCTYPE HTML>
<html>
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>OAuth And Social Login</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm" crossorigin="anonymous">
<script src="https://apis.google.com/js/platform.js?onload=init" async defer></script>
@NirmalAriyathilake
NirmalAriyathilake / logout.php
Created October 27, 2018 03:22
OAuth And Social Login - logout.php
<?php
session_start();
// remove the PHPSESSID cookie from the browser (empty value, expiry in the past)
if ( isset( $_COOKIE[session_name()] ) )
    setcookie( session_name(), '', time()-3600, '/' );
//clear session from globals
$_SESSION = array();
//clear session from disk
session_destroy();