View Full Version : Security Token?

12-10-2008, 05:22 AM
Hi, i am trying to come up with a security token system for all my form, normal approach would be setting a token and put it in to the session whenerever the user request a new page.

$_SESSION['token'] = random string here.

The problem is, the string would be overwritten everytime when a user request a new page.
But it is common now for people to open up a few tab for a website.
And it would cause the token to expire, and cause the last few tabs you open to fail the security token check.

Is there a better soultion?

12-10-2008, 07:18 AM
What type of form do you have? Is it a contact form? And are you just trying to prevent spam? I suggest you read this article if its a contact form.


12-10-2008, 08:56 AM
Actually it is more of preventing spam, more like forcing the user to use my form to submit the data.