Hi friends,

I m making a php user registration program and in some other sites I found some hidden field as follows <input name="authenticity_token" value="a58b64b916157840987d0655fe8ce14fecc030fd" type="hidden"> I m wonder what its really means ? Is it a dynamic value in which's value stored in SESSION and later it check with the time of registration process ?


Please advise me
Thanks in advance
Rajeesh

Recommended Answers

Storing a naked session data in a hidden input is not the best idea. If it is a hash - which it seems to be - it may be OK. The token itself may be a hash produced from a number of session items that can be validated on form …

Jump to Post

All 2 Replies

Member Avatar

Storing a naked session data in a hidden input is not the best idea. If it is a hash - which it seems to be - it may be OK. The token itself may be a hash produced from a number of session items that can be validated on form submit.

All, Thank for the sharing, i'am a new comer for PHP

Be a part of the DaniWeb community

We're a friendly, industry-focused community of 1.20 million developers, IT pros, digital marketers, and technology enthusiasts learning and sharing knowledge.