1
0
mirror of https://github.com/gamaio/lobli.git synced 2024-12-23 04:02:40 +00:00
lobli/Website/Include/PHP/token.php
David Todd f72ec8f685
Make generated tokens expire now.
These don't do anything other than slow down the requests by a little bit. They store no information and are not needed.
2014-10-20 20:36:15 -05:00

20 lines
583 B
PHP

<?php
session_start();
// Generate time expiring token for process.php
require('db.php');
do{ // Generate tokens until one isn't in the redis db
$token = substr(number_format(time() * mt_rand(),0,'',''),0,40);
$token = base_convert($token, 10, 36);
if(!$redis->exists("tokens:$token")){
break;
}
} while(1);
$now = time(null);
$redis->set("tokens:$token", 0); // Store the token, when set to 1, don't allow token to be used anymore.
$redis->expire("tokens:$token", $now+60) // Expire the token after 1 minute on the server
$_SESSION['token'] = $token;
?>