<?php
|
header("X-XSS-Protection: 1;mode=block");
|
session_start();
|
if(!isset($_SESSION['token'])) {
|
$token = md5(time());
|
$_SESSION['token'] = $token;
|
} else {
|
$token = $_SESSION['token'];
|
}
|
?>
|
<iframe></iframe>
|
|
<form action="testurl.php?x=<?php echo htmlentities($_GET['x'])?>&token=<?php echo $token?>"></form>
|
|
<?php echo $token?>
|