Skip to content

Instantly share code, notes, and snippets.

View talenta-eg's full-sized avatar
🏠
Working from home

Muhammad Atallah talenta-eg

🏠
Working from home
View GitHub Profile
@ziadoz
ziadoz / index.php
Last active June 2, 2023 23:08
Simple PHP / jQuery CSRF Protection
<?php
// See: http://blog.ircmaxell.com/2013/02/preventing-csrf-attacks.html
// Start a session (which should use cookies over HTTP only).
session_start();
// Create a new CSRF token.
if (! isset($_SESSION['csrf_token'])) {
$_SESSION['csrf_token'] = base64_encode(openssl_random_pseudo_bytes(32));
}