saru2017/http06_form.php

## http06_form.php
<?php

session_start();
$nonce = hash("sha256", session_id());
$_SESSION["csrf_nonce"] = $nonce;

?>
password is 3 digit number.
<form action="http06_login.php" method="POST">
  <input type="hidden" name="csrf_nonce" value="<?php echo($nonce);?>"/>
  <input type="text" name="name"/>
  <input type="text" name="pass"/>
  <input type="submit" value="send"/>
</form>
	<?php

	session_start();
	$nonce = hash("sha256", session_id());
	$_SESSION["csrf_nonce"] = $nonce;

	?>
	password is 3 digit number.
	<form action="http06_login.php" method="POST">
	<input type="hidden" name="csrf_nonce" value="<?php echo($nonce);?>"/>
	<input type="text" name="name"/>
	<input type="text" name="pass"/>
	<input type="submit" value="send"/>
	</form>