20,359
社区成员
发帖
与我相关
我的任务
分享
//1
$_SESSION['token'] = time() . rand(1, 10000000);
//2
<input id="token" name="token" type="hidden" value="<?php echo $token ?>">
//3
if(isset($_SESSION['token']) && $_SESSION['token'] == $_POST['token']){
unset($_SESSION['token']);
//表单提交成功
}else{
//表单提交失败
}
public function check_unqid() {
if (!self::checkStrEquals($_SESSION['unquid'], $_POST['token'])) {
return exit( Tool::_json_log(-3,'防跨站提交,请刷新网页重试',2));
}
}
$this->_tpl->assign('quid', $_SESSION['unquid']=$_uniqid= Tool::_unquid());
static public function _unquid() {//生成唯一标识符
return sha1(uniqid(rand(),true);
}