Token Extension - Best Way To Use

Hi everyone,

I’ve just installed the Token extension, the sample ‘create’ and ‘validate’ token scripts are simple enough but I’m unsure about where to place these scripts in my application…

I’ve used gii to create the model and crud scripts and wonder where the best place to include the create/validate scripts would be in order to validate the token on form submissions for create and update?

Any advice would be greatly appreciated.

Not sure I understand why your trying to use the Token extension in your create/update actions instead of using the built-in CSRF protection features that come with Yii.

The following links might be of help.

http://www.yiiframework.com/wiki/190/logout-csrf-protection

http://www.yiiframework.com/wiki/274/how-to-validate-csrf-token-with-session/