Skip to content

Instantly share code, notes, and snippets.

@dervn

dervn/form_token.html

Created January 12, 2011 10:39
Show Gist options
  • Save dervn/775997 to your computer and use it in GitHub Desktop.
Save dervn/775997 to your computer and use it in GitHub Desktop.
Download ZIP
表单CSRF处理
Raw
form_token.html
echo "<input name='rft' type='hidden' value='".random_form_token()."' />";
if(random_form_token($_POST['rft'])){
//
}
else{
//
}
function random_form_token($value=NULL){
if($value == NULL){
$token = hash("sha256","tanzmal".microtime());
$_SESSION['random_form_token'] = $token;
return $token;
}
else{
if($value == $_SESSION['random_form_token']){
unset($_SESSION['random_form_token']);
return true;
}
else
return false;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment