Yii Framework Wiki
Writenew article
Categories
Popular Tags
Recent Comments
-
Ricardo Astudillo on Filter & Sort by calculated/related fields in GridView Yii 2.0 2 months ago
-
cowson on Displaying, Sorting and Filtering Model Relations on a GridView 3 months ago
-
Néstor Acevedo on How to login from different tables in Yii2 6 months ago
-
E.Alamo on PHP built-in server integration a year ago
-
coderevolts on Implementing cron jobs with Yii a year ago
Difference between
#3 and
#4 of
How to validate CSRF token with session
Revision #4 has been created by yangmls on Nov 21, 2011, 12:50:31 PM with the memo:
some spell errors
« previous (#3)
Changes
Title unchanged
How to validate CSRF token with session
Category unchanged
How-tos
Yii version unchanged
Tags unchanged
CSRF, session
Content changed
[...]
Note: When you ebable CSRF validation and use form builder to generate a form(only post), Yii will auto generate a hidden field and put it in the form, at the same time, Yii will create a cookie with CSRF token. When you submit the form, Yii will compare two CSRF tokens from post and cookie.What Problem Will Happen
------------------
1.The user client DOES NOT accept cookie. 2.The user client CAN NOT send a request with cookie.
For example: upload file use flash (swfupload)
[...]
------------------If user does nothing too long time, the session will be removed by session gc. In that cas
The default session timeout in php5 is 1440(may be not exact), your can use function ini_get('session.gc_maxlifetime') to view the default timeout and use the function ini_set('session.gc_maxlifetime', $timeout) to set.
In Yii, We hava a easy way to set. Just change the session component config.
[...]
27 followers
Viewed: 105 196 times
Version: 1.1
Category: How-tos
Written by: yangmls
yangmlsLast updated by: yangmls
yangmlsCreated on: Nov 21, 2011
Last updated: 13 years ago
Revisions
View all history-
13 years ago by
yangmls some spell errors
-
13 years ago by
yangmls the article is lost...