I want to make sure I'm understanding and applying the token correctly to avoid CSRF.
My data line in my jQuery ajax request:
data:{ Id:getParameterByName("id"), Token:"<?php echo $csfrToken; ?>" },
My PHP check inside the file that handles the posted data:
if (isset($_SESSION['TOKEN'], $_POST['Token']) && hash_equals($_SESSION['TOKEN'], $_POST['Token'])) { } // both values must exist; hash_equals gives a constant-time, strict string comparison instead of loose ==
Is there anything else I need to do with an AJAX request? All I'm doing is creating a token on the page that contains the AJAX request. I then post that created token to my AJAX handler page and check to make sure they are the same. Is there anything else that needs to be done?
What you did looks good. That is how Zend Framework's Zend_Form_Element_Hash does it for forms, and this also applies to AJAX requests.
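The full flow the question describes (generate a token into the session, embed it in the page that makes the jQuery call, verify it in the handler), written out as an added example that is neither the asker's nor the answerer's code; the session key `TOKEN` and POST field `Token` come from the question, while `handler.php` and the two function names are assumed.

```php
<?php
// Added example: one script that serves the page on GET and acts as the
// AJAX handler on POST. Session key 'TOKEN' and POST field 'Token' match
// the question; function names and the handler URL are assumptions.
session_start();

// Create a per-session token once with a CSPRNG and keep it server-side.
function csrfToken(): string
{
    if (empty($_SESSION['TOKEN'])) {
        $_SESSION['TOKEN'] = bin2hex(random_bytes(32)); // 64 hex characters
    }
    return $_SESSION['TOKEN'];
}

// True only when a session token exists, the client sent one, and they
// match byte-for-byte in constant time (no loose '==' comparison).
function csrfTokenIsValid(?string $submitted): bool
{
    if (empty($_SESSION['TOKEN']) || $submitted === null) {
        return false;
    }
    return hash_equals($_SESSION['TOKEN'], $submitted);
}

if ($_SERVER['REQUEST_METHOD'] === 'GET') {
    // Page containing the AJAX request: embed the token as a JS string.
    // json_encode escapes it safely for a <script> context.
    $token = csrfToken();
    ?>
    <script>
    $.ajax({
      type: "POST",
      url: "handler.php",
      data: { Id: getParameterByName("id"),
              Token: <?php echo json_encode($token); ?> }
    });
    </script>
    <?php
} elseif ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Handler: reject the request before touching any other input.
    if (!csrfTokenIsValid($_POST['Token'] ?? null)) {
        http_response_code(403);
        exit('Invalid CSRF token');
    }
    // ... safe to process $_POST['Id'] here ...
}
```

Keeping the token in the session rather than in a cookie readable by the page is what makes the check meaningful: a cross-site request can trigger the POST but cannot read the token to include it.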