Mouner Mostafa Mouner Mostafa - 20 days ago 5
PHP Question

php using token inside form why token is importent

i have some question about

access token
hope u guy's have the answer ,i did my research but for sure i didn't understand why using
token
is so important to secure forms . so my question is and i hope to understand that what token exactly do in forms ,how it's secure form and secure it from what.
and is token Important in login form but what if i didn't use token inside login form is that make the form unsecured.
thank you hope to find the answer

Answer

Access token is one of protection patterns against CSRF attack. CSRF stands for Cross-site Request Forgery. It is deeply explained here:
WIKI-CSRF

Especially take a look at Examples section and Prevention section.
In simple words this attack for example steals request with login information and lets intruder login in any time. If you have access token that is gone after session is gone or after opening the form another time, you are protected. I encourage you to read the article above.

I hope this helped.