Problem:- Code Sample Preventing Session Hijacking PHP
Solution:-
<?php
ini_set('session.use_only_cookies', true);
session_start();
$salt = "deep";
$tokenStr = strval(date('W')).$salt;
$token = md5($tokenStr);
if (!isset($_REQUEST['token']) || $_REQUEST['token'] != $token) {
exit();
}
$_SESSION['token'] = $token;
output_add_rewrite_var('token', $token);
?>
Leave a Reply