1

I'm creating a system and I'm new to php, to generate a token (random numbering) I'm using the following code:

<?php

$tokenSSID = substr(md5(time()),0,6);




?>

then I send this token to another page to check if the user typed it correctly

<?php 
include ('conexao.php');
include ('token.php');

<!--tokenID vem da pagina em que o usuario digita o token-->
$tokenID = $_POST["tokenID"];



if($tokenID == $tokenSSID){
    echo "<h1><b>Sua senha foi alterada para reis123!</b></h1>";



}
else{

    echo "O Token nao foi digitado corretamente!";




}




?>

so far so good but when I click to send and check the token it goes wrong, why on every page that changes, the token also changes and it’s impossible to use, does anyone have any ideas?

Wesley Smith
  • 19,401
  • 22
  • 85
  • 133
Marcos Vinicius
  • 11
  • 1
  • I'm voting to close this question as off-topic because it's not in English. – Sherif Feb 21 '20 at 04:19
  • I am converting this question to English ;) – Wesley Smith Feb 21 '20 at 04:38
  • Does this answer your question? [How to properly add CSRF token using PHP](https://stackoverflow.com/questions/6287903/how-to-properly-add-csrf-token-using-php) – Wesley Smith Feb 21 '20 at 04:46
  • Olá, isso acontece porque o código está gerando um novo token toda vez que o arquivo é incluído. consulte a pergunta vinculada que mostra como persistir o token para verificá-lo mais tarde. – Wesley Smith Feb 21 '20 at 04:48
  • HI, this happens because the code is generating a new token every time the file is included. please see the linked question which shows how to persist the token to check it later. – Wesley Smith Feb 21 '20 at 04:49

0 Answers0