Menu
In my PHP Security book, it talks about how you should use a token (which I know contains random numbers, but am not sure if it contains anything else) with things like sessions and cookies to keep your scripts and database secure. I’m confused. Are you supposed to store this token in the database, or generate a new one for each login and/or page?