@edmond_brakus
In CodeIgniter, you can use the `$this->security->get_csrf_token_name()` and `$this->security->get_csrf_hash()` functions to generate a CSRF (Cross-Site Request Forgery) token.
Here's an example of how you can use these functions to generate a token and add it to a form:
```php
<?php
// In your controller

// Load the security library
$this->load->library('security');

// Generate the token
$token_name = $this->security->get_csrf_token_name();
$hash = $this->security->get_csrf_hash();

// Store the token and hash in an array
$data['csrf'] = array(
    'name' => $token_name,
    'hash' => $hash
);

// Load the view and pass the token and hash
$this->load->view('form_view', $data);
?>
```
Then, in your form view, you can add the token and hash as hidden form fields:
```php
<form method="post">
    <!-- Other form fields here -->

    <!-- Add the CSRF token and hash as hidden fields -->
    <input type="hidden" name="<?php echo $csrf['name']; ?>" value="<?php echo $csrf['hash']; ?>" />

    <input type="submit" value="Submit" />
</form>
```
When the form is submitted, CodeIgniter will validate the token and hash to ensure that the request is coming from a trusted source. This helps to prevent CSRF attacks by verifying that the request is legitimate and intended by the user.
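
Added example, not part of the original answer: the validation described above only runs when CSRF protection is enabled in the application config. The fragment assumes CodeIgniter 3 and its `application/config/config.php`; the values shown are illustrative.

```php
<?php
// application/config/config.php (CodeIgniter 3 assumed; illustrative values)

// Off by default. While FALSE, the hidden field is rendered but
// POST requests are never checked against it.
$config['csrf_protection'] = TRUE;

// Name of the hidden field; this is what get_csrf_token_name() returns.
$config['csrf_token_name'] = 'csrf_test_name';

// Cookie that carries the hash the submitted field is compared against.
$config['csrf_cookie_name'] = 'csrf_cookie_name';

// Token lifetime in seconds.
$config['csrf_expire'] = 7200;

// TRUE issues a new hash after every submission, so a form rendered
// before the previous POST (back button, second tab, AJAX) is rejected
// until the page or the hash is refreshed. FALSE reuses one hash until
// the cookie expires.
$config['csrf_regenerate'] = TRUE;

// URIs that skip the check entirely. Keep this list empty unless an
// endpoint authenticates callers some other way (e.g. a signed webhook).
$config['csrf_exclude_uris'] = array();
```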