/** * Generates a nonce that helps prevent XSS and duplicate submissions * * @return string The generated nonce */ protected function generate_nonce() { // Checks for an existing nonce before creating a new one if (empty(self::$nonce)) { self::$nonce = base64_encode(uniqid(NULL, TRUE)); $_SESSION['nonce'] = self::$nonce; } return self::$nonce; }