Wednesday 18 September 2013

PHP: Generate Cross Site Request Forgery Token (CSRF)

Today, we are going to see how to generate a CSRF token, which is used to prevent invalid access to a web application through $_GET and $_POST requests in PHP. Here is the PHP code, which generates a unique token in the form of a 32-character hexadecimal number.

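// Current Unix timestamp
$curTime = time();
// Pseudo-random integer used as a salt
$salt1 = rand();
// md5() of a uniqid() value (rand()/timestamp prefix, more_entropy on) plus the salt: 32 hex characters
$token = md5(uniqid(rand().'_'.$curTime, TRUE).'_'.$salt1);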

Following is the output when I run this code 1000 times in a for loop. Looking at the output, I got a unique token 1000 times, and this is very hard to hack.
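An added example, not part of the original post: rand(), time() and uniqid() are not cryptographically secure sources, so 1000 unique outputs do not show that the next token is unpredictable. The sketch below draws the same 32-character hex token from random_bytes() and checks a submitted value with hash_equals(); the function names csrf_issue and csrf_verify, the csrf_token key and the plain array standing in for $_SESSION are assumptions made for the example.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: create a token and remember it in the session store.
function csrf_issue(array &$session): string
{
    // 16 bytes from the OS CSPRNG -> 32 hex characters, the same length as the md5() token.
    $session['csrf_token'] = bin2hex(random_bytes(16));
    return $session['csrf_token'];
}

// Hypothetical helper: check the value submitted with a $_GET/$_POST request.
function csrf_verify(array $session, $submitted): bool
{
    // Reject a missing session token and non-string input
    // (a parameter sent as token[]=x arrives as an array).
    if (!isset($session['csrf_token']) || !is_string($submitted)) {
        return false;
    }
    // hash_equals() compares in constant time, so response timing
    // does not reveal how many leading characters matched.
    return hash_equals($session['csrf_token'], $submitted);
}

// Constructed demo: a plain array stands in for $_SESSION so this runs from the CLI.
$session = [];
$token = csrf_issue($session);

var_dump(strlen($token));                              // length of the issued token
var_dump(csrf_verify($session, $token));               // the issued token
var_dump(csrf_verify($session, str_repeat('0', 32)));  // a guessed token
var_dump(csrf_verify($session, ['x']));                // array input instead of a string
var_dump(csrf_verify([], $token));                     // no token stored in the session
```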




Hope you enjoyed this post.
