/dev-club/b/dev-blog/posts/csrf-tokens-in-sugar-7-7What is a Cross Site Request Forgery (CSRF)?A CSRF is a type of exploit that a malicious website or attacker could employ to have a user send unauthorized commands to a website or application. It is a type of confused deputy attack agains...en-USTelligent Community 12https://sugarclub.sugarcrm.com/dev-club/b/dev-blog/posts/csrf-tokens-in-sugar-7-7Fri, 17 Aug 2018 18:14:26 GMT5c521d64-519d-47a6-9065-134618b211bf:6a687b2a-2ae7-4c14-9878-c4c6272df62eMichael A. Agarenzo0 <p>Hi again Matt,</p><p>My mistake, those steps are indeed working!</p><p>I tried including the Smarty tag in the PHP file, rather than separating the HTML form from the PHP file to a Template file and then including the Smarty tag there.</p><p>Works as intended now. Thank you!</p><p>Best,</p><p>Mike</p> <img src="https://sugarclub.sugarcrm.com/aggbug?PostID=762&AppID=56&AppType=Weblog&ContentType=0" width="1" height="1">https://sugarclub.sugarcrm.com/dev-club/b/dev-blog/posts/csrf-tokens-in-sugar-7-7Thu, 16 Aug 2018 15:46:00 GMT5c521d64-519d-47a6-9065-134618b211bf:6a687b2a-2ae7-4c14-9878-c4c6272df62eMichael A. Agarenzo1 <p>Hey Matt,</p><p>Currently working with SugarCRM 8.0.1.</p><p>Have there been any other explanations (since this one) of how to implement a CSRF token in a BWC HTML form?</p><p>All I&#39;ve seen is that we need to implement a CSRF token in our custom modules so as to avoid the XSRF error on form submits, but I have not found steps anywhere on how to actually implement this.</p><p>I have tried adding the smarty tag above and it was to no avail. Is there a step-by-step explanation anywhere of how to do this?</p><p><br />Best,</p><p>Mike</p> <img src="https://sugarclub.sugarcrm.com/aggbug?PostID=762&AppID=56&AppType=Weblog&ContentType=0" width="1" height="1">https://sugarclub.sugarcrm.com/dev-club/b/dev-blog/posts/csrf-tokens-in-sugar-7-7Tue, 08 Aug 2017 07:27:02 GMT5c521d64-519d-47a6-9065-134618b211bf:6a687b2a-2ae7-4c14-9878-c4c6272df62eSugarCRM Developers0 <p><i>Comment originally made by Mehul Bhandari.</i></p><span>Thanks Matthew</span><p>Helpful !!</p> <img src="https://sugarclub.sugarcrm.com/aggbug?PostID=762&AppID=56&AppType=Weblog&ContentType=0" width="1" height="1">