TalkPHP - View Single Post

kokjj87 · 12-11-2008, 05:56 AM

Hi, i am trying to come up with a security token system for all my
form, normal approach would be setting a token and put it in to the
session whenerever the user request a new page.

$_SESSION['token'] = random string here.

The problem is, the string would be overwritten everytime when a user
request a new page.
But it is common now for people to open up a few tab for a website.
And it would cause the token to expire, and cause the last few tabs
you open to fail the security token check.

Is there a better soultion?

12-11-2008, 05:56 AM	#1 (permalink)
kokjj87 The Wanderer Join Date: Oct 2008 Posts: 18 Thanks: 0	Security Token? Hi, i am trying to come up with a security token system for all my form, normal approach would be setting a token and put it in to the session whenerever the user request a new page. $_SESSION['token'] = random string here. The problem is, the string would be overwritten everytime when a user request a new page. But it is common now for people to open up a few tab for a website. And it would cause the token to expire, and cause the last few tabs you open to fail the security token check. Is there a better soultion?