Problem:- Code Sample Preventing Session Hijacking PHP
Solution:-
<?php ini_set('session.use_only_cookies', true); session_start(); $salt = "deep"; $tokenStr = strval(date('W')).$salt; $token = md5($tokenStr); if (!isset($_REQUEST['token']) || $_REQUEST['token'] != $token) { exit(); } $_SESSION['token'] = $token; output_add_rewrite_var('token', $token); ?>
Leave a Reply