Token::generate (method)

Return to Knowledgebase


Generates a token and saves it to a session variable.



See Also:

Token::check (method)


This function does not take any arguments



Further Documentation:

The token system is a type of two factor authentication system for forms. When a form is generated on screen a token is generated and stored in a session variable. It is then sent in via post with the rest of the form. Token::check makes sure those 2 tokens match. If they do not, it is assumed that some sort of manipulation happened with the form. Modern versions of UserSpice share one token per session so the Token::generate can be called multiple times without causing issues. Simply add a hidden form field for your token.