Hacking Prevention on Forms!!!!!
Moderator: General Moderators
-
FireElement
- Forum Commoner
- Posts: 86
- Joined: Wed Oct 17, 2007 6:03 pm
good way to stop people posting from outside your server
This is nice little token code.
I found at this site. http://shiflett.org/articles/cross-site ... -forgeries
Also there is time out one aswel although am not making login area so I will not need that.
If you use this then there is no real way the user can know your token code and post it.
I found at this site. http://shiflett.org/articles/cross-site ... -forgeries
Also there is time out one aswel although am not making login area so I will not need that.
Code: Select all
if (!isset($_SESSION['token'])) {
$_SESSION['token'] = md5(uniqid(rand(), TRUE));
}
if ($_POST['token'] == $_SESSION['token'])
{
/* Valid Token */
}-
FireElement
- Forum Commoner
- Posts: 86
- Joined: Wed Oct 17, 2007 6:03 pm