发表新帖
发表新帖

Does PHP have an authenticity token like Rails?

后端 未结
关注
1 1034
一个人的身影
一个人的身影 2020-12-30 16:08

Does PHP have its own version of the Rails authenticity token?

\" />
1条回答
  • 旧巷少年郎
    旧巷少年郎 (楼主)
    2020-12-30 16:32

    When outputting to form:

    $token = md5(time() . rand(1,100));
$_SESSION['token'] = $token;

    After POST:

    if(empty($_POST['token']) || $_POST['token'] !== $_SESSION['token']){
  exit("Bad token!");
}
unset($_SESSION['token']);

    0 讨论(0)
 看不清?
提交回复
热议问题