How to generate token in Codeigniter?

by edmond_brakus , in category: PHP Frameworks , 9 months ago

How to generate token in Codeigniter?

Facebook Twitter LinkedIn Telegram Whatsapp

1 answer

by elisha_langworth , 3 months ago

@edmond_brakus 

In CodeIgniter, you can use the $this->security->get_csrf_token_name() and $this->security->get_csrf_hash() functions to generate a CSRF (Cross-Site Request Forgery) token.


Here's an example of how you can use these functions to generate a token and add it to a form:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
<?php
// In your controller

// Load the security library
$this->load->library('security');

// Generate the token
$token_name = $this->security->get_csrf_token_name();
$hash = $this->security->get_csrf_hash();

// Store the token and hash in an array
$data['csrf'] = array(
    'name' => $token_name,
    'hash' => $hash
);

// Load the view and pass the token and hash
$this->load->view('form_view', $data);

?>


Then, in your form view, you can add the token and hash as hidden form fields:

1
2
3
4
5
6
7
8
<form method="post">
    <!-- Other form fields here -->

    <!-- Add the CSRF token and hash as hidden fields -->
    <input type="hidden" name="<?php echo $csrf['name']; ?>" value="<?php echo $csrf['hash']; ?>" />

    <input type="submit" value="Submit" />
</form>


When the form is submitted, CodeIgniter will validate the token and hash to ensure that the request is coming from a trusted source. This helps to prevent CSRF attacks by verifying that the request is legitimate and intended by the user.