CSRF Protection Security Check

Analyze PHP code for Cross-Site Request Forgery vulnerabilities.

Detection Patterns

1. Missing CSRF Tokens

// CRITICAL: Form without CSRF token
<form method="POST" action="/transfer">
    <input name="amount" value="1000">
    <input name="to" value="attacker">
    <button>Transfer</button>
</form>

// CRITICAL: No token validation
public function transfer(Request $request): Response
{