Fork me on GitHub

Session

The instance is stored in the global "Session" class.

CSRF token

Session::getCsrfInput()

Between the "<form method="post">" and the "</form>" tag in the view one should add "<?php Session::getCsrfInput(); ?>". This call will echo a hidden input field to the form that will prevent Cross-Site-Request-Forgery (CSRF) attacks. Note: this is required when sending a form with the "post" method.

close08:43:28 - get /docs/session - 3 ms - 1 MB - debugger