12-11-2008, 08:01 AM
#3 (permalink)
The Wanderer
Join Date: Oct 2008
Posts: 18
Thanks: 0
Maybe I can add a timer for my session...
$_SESSION['token_created_time'] = time(); // time the token was created
and check on the request, and update the token value about every 20 minutes.
But I am still worried that people will visit the page on the 19th minute, and they will have trouble with the token.
I am still trying to think of a more complex way, maybe store an array of the last few tokens in the session, and they are allowed to bypass the security check?
Any comments would be greatly appreciated.
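
The rotation idea discussed in this post, as an added example that is not part of the original post: the token is rotated after 20 minutes and the last few retired tokens stay valid for one more window, so a form rendered at minute 19 still validates, while every submitted value is still compared against a stored token. The function names, constants and sample timestamps are assumptions made for illustration.

```php
<?php
// Added example; function and constant names are assumptions, not from the post.
const TOKEN_TTL = 1200;   // rotate about every 20 minutes, as proposed in the post
const KEEP_PREVIOUS = 2;  // number of retired tokens still remembered

// Return the current token, rotating it once it is older than TOKEN_TTL.
function csrf_issue(array &$session, int $now): string
{
    $age = $now - ($session['token_created_time'] ?? 0);
    if (!isset($session['token']) || $age >= TOKEN_TTL) {
        if (isset($session['token'])) {
            // Retire the old token with a timestamp so it expires as well.
            $session['previous_tokens'][] = ['value' => $session['token'], 'retired' => $now];
            $session['previous_tokens'] = array_slice($session['previous_tokens'], -KEEP_PREVIOUS);
        }
        $session['token'] = bin2hex(random_bytes(32));
        $session['token_created_time'] = $now;
    }
    return $session['token'];
}

// Accept the current token, or a previous one retired less than TOKEN_TTL ago.
function csrf_check(array $session, string $submitted, int $now): bool
{
    $candidates = isset($session['token']) ? [$session['token']] : [];
    foreach ($session['previous_tokens'] ?? [] as $old) {
        if ($now - $old['retired'] < TOKEN_TTL) {
            $candidates[] = $old['value'];
        }
    }
    $ok = false;
    foreach ($candidates as $candidate) {
        // hash_equals() compares in constant time; every candidate is checked.
        $ok = hash_equals($candidate, $submitted) || $ok;
    }
    return $ok;
}

// Constructed scenario: form rendered at minute 19, submitted at minute 21.
$session = [];            // stands in for $_SESSION after session_start()
$t0 = 1228982460;         // constructed timestamp
csrf_issue($session, $t0);
$formToken = csrf_issue($session, $t0 + 19 * 60);  // token placed in the form
csrf_issue($session, $t0 + 21 * 60);               // a later page load rotates it
var_dump(csrf_check($session, $formToken, $t0 + 21 * 60));
var_dump(csrf_check($session, $formToken, $t0 + 45 * 60));
var_dump(csrf_check($session, 'forged', $t0 + 21 * 60));
```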