Reputation: 21333
For example, in the admin CP, to delete a user there is a link: http://example.com/acp/delete-user.php?id=102 . When the link is opened, the system automatically deletes that user from the database. Imagine that someone sent me a link like that and I accidentally opened it. It means that I deleted that user without knowing it. =( How do I deal with this? The POST method? Some tokens? And how do I do it exactly? I'm just learning. =P
Upvotes: 3
Views: 398
Reputation: 78671
Using POST actually only makes it a bit more difficult for the attacker (still, it would be better to use POST).
You should generate a random token and store it in the user's session or in the database (for the user). Before doing any action you have to check if the right token exists. If you store it in a session, remember to secure your session also.
You can find one implementation here: http://www.serversidemagazine.com/php/php-security-measures-against-csrf-attacks
Upvotes: 0
Reputation: 34149
Have you looked at this article? As others have said, I would hope you have authentication around everything. But to do a correct implementation, you would need to implement a tokening service. Because if you are logged in and I send you the link, then it would delete the user.
Upvotes: 0
Reputation: 1106
I recommend doing that sort of thing with a FORM. http://example.com/acp/delete-user.php?id=102 should show a form with a DELETE button and a HIDDEN INPUT with a randomly generated key. The value is stored in your session on the server side. When you hit submit, the target page will check whether you passed the correct key.
There are lots of resources about CSRF on the net.
Upvotes: 4
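A self-contained version of the flow this answer describes, written as an added example (it is not code from any of the answers): opening the link only renders a confirmation form carrying a session-bound random token, and only a POST with the matching token performs the delete. It assumes PHP 7.1+ and that admin authentication is already enforced before this page; delete_user() is a hypothetical placeholder for the existing delete logic.

```php
<?php
// delete-user.php (added example). Assumes the admin is already authenticated.
session_start();

// Issue one random token per session and reuse it for every form in that session.
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Compare the submitted token with the session copy in constant time.
function csrf_valid(?string $submitted): bool
{
    return isset($_SESSION['csrf_token'])
        && is_string($submitted)
        && hash_equals($_SESSION['csrf_token'], $submitted);
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // The state-changing step: only on POST, and only with a matching token.
    $id = filter_input(INPUT_POST, 'id', FILTER_VALIDATE_INT);
    if (!csrf_valid($_POST['csrf_token'] ?? null) || !$id) {
        http_response_code(403);
        exit('Invalid request.');
    }
    // delete_user($id); // hypothetical: the existing delete logic goes here
    exit("User $id deleted.");
}

// GET: render the confirmation form. Merely opening the link deletes nothing.
$id = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT);
if (!$id) {
    http_response_code(400);
    exit('Missing or invalid id.');
}
$token = htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8');
?>
<form method="post" action="delete-user.php">
  <input type="hidden" name="csrf_token" value="<?= $token ?>">
  <input type="hidden" name="id" value="<?= $id ?>">
  <button type="submit">Delete user <?= $id ?></button>
</form>
```

A forged link or cross-site form cannot read the token out of the victim's session, so the POST from an attacker's page fails the hash_equals check and nothing is deleted.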
Reputation: 4403
I would hope you have an authentication system in place so in order to even access that link you would be required to log in.
Upvotes: -1