Hi friends,
I m making a php user registration program and in some other sites I found some hidden field as follows <input name="authenticity_token" value="a58b64b916157840987d0655fe8ce14fecc030fd" type="hidden"> I m wonder what its really means ? Is it a dynamic value in which's value stored in SESSION and later it check with the time of registration process ?
Please advise me
Thanks in advance
Rajeesh
Storing a naked session data in a hidden input is not the best idea. If it is a hash - which it seems to be - it may be OK. The token itself may be a hash produced from a number of session items that can be validated on form submit.
All, Thank for the sharing, i'am a new comer for PHP
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.