Safeguarding Against CSRF
Posted: Sat Aug 18, 2007 9:17 am
feyd | Please use
post.php contains the following content
I can't figure it's behaviour as this is a very simple code. Please help simulating it's behaviour.
feyd | Please use
Code: Select all
,Code: Select all
and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]
The validity of the token can also be limited to a small window of time, such as ten minutes:
I made the following some changes to post.php code is below, but it still does not go into the valid data loop, and prints "Timeup!" on pressing submit button and doesnot show any value for echo $_SESSION['token_time'];
However if i DIRECTLY go to post.php it says "Valid data!"
It's behaving just in the opposite way i expect it to.
Revised CodeCode: Select all
<?php
session_start();
$token = md5(uniqid(rand(), TRUE));
$_SESSION['token'] = $token;
$_SESSION['token_time'] = time();
?>
<form action="post.php" method="post">
<input type="hidden" name="token" value="<?php echo $token;?>" />
<p>
Symbol: <input type="text" name="symbol" /><br />
Shares: <input type="text" name="shares" /><br />
<input type="submit" value="Buy" />
</p>
</form>Code: Select all
<?php
if ($_POST['token']== $_SESSION['token']) {
echo "Valid data!";
exit;
}
$token_age = time() - $_SESSION['token_time'];
if ($token_age >= 600) {
// time limit can be set here as number instead
// of LOGIN_TIME_LIMIT define, such as 60*10
echo $_SESSION['token_time'];
echo "Timeup!";
exit;
}
?>feyd | Please use
Code: Select all
,Code: Select all
and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]