CSRF or protection to CMS

[MalekRetro]

Hi guys! I have a quick question, how do I enable CSRF protection on my cms or any protection? And on which file do I put the script you'll give me etc...


I have these codes but I don't know what they do and how to use them.
Sorry for my bad English I'm from Sweden

 

[Jerry]

What CMS are you using?

 

[MalekRetro]

What CMS are you using?

Atm, my friends CMS but I mean is there not any way you can protect any cms u have? like what if i want to change cms next week

 

[Jerry]

Atm, my friends CMS but I mean is there not any way you can protect any cms u have? like what if i want to change cms next week

ur friends CMS? Is it Rev, Uber, Brain???

And yes, it's possible to add CSRF protection on any CMS.

Here's an example:

And I make a check on the login form if the token is correct:

 

[MalekRetro]

ur friends CMS? Is it Rev, Uber, Brain???

And yes, it's possible to add CSRF protection on any CMS.

Here's an example:

And I make a check on the login form if the token is correct:

Okay but where do I put this code? On every file or at the bottom or where? And which one of the images u sent? :S

 

[Jerry]

The code for setting the token to the session should be placed in the global file (e.g., global.php) or wherever it is and the one for checking if the token is correct should be in the login form (class.templates.php, index.php or wherever the login form is placed).

 

[MalekRetro]

The code for setting the token to the session should be placed in the global file (e.g., global.php) or wherever it is and the one for checking if the token is correct should be in the login form (class.templates.php, index.php or wherever the login form is placed).

do u have skype bro?

 

[MasterJiq]

Whats this csrf token would do ?

 

[Etrion]

Whats this csrf token would do ?

You know that CSRF stands for "Cross-Site Request Forgery"?!?
and if you dont know i recommend you to read about it here:

You must be registered for see links