This article mainly introduces the use and verification method of php token. It realizes the token verification function by processing the hidden submission field of the form form to prevent the access of illegal source data. Friends in need can refer to this article
The example describes the use and verification of php token. Share it with everyone for your reference, the details are as follows:
1. Brief description of token function
PHP uses token verification to effectively prevent illegal sources Data submission access increases the security of data operations
2. Implementation method:
Front desk form:
<form action="do.php" method="POST"> <?php $module=mt_rand(100000,999999);?> <input type="text" name="sec_name" value=""/> <input type="hidden" name="module" value="<?php echo $module;?>"/> <input type="hidden" name="timestamp" value="<?php echo time();?>"/> <input type="hidden" name="token" value="<?php echo md5($module.'#$@%!^*'.time());?>"/> </form>
Token verification part of background do.php:
<?php $module = $_POST['module']; $timestamp = $_POST['timestamp']; $token = md5($module.'#$@%!^*'.$timestamp); if($token != $_POST['token']){ echo('非法数据来源'); exit(); } $sec_name=$_POST['sec_name']; //PHP数据处理..... ?>
The above is the detailed content of Example showing php token usage and verification. For more information, please follow other related articles on the PHP Chinese website!