$hid_inp_id = !empty($user2edit['id']) ? $user2edit['id'] : ''; ?> <input type="hidden" name="id" value="<?php echo $hid_inp_id; ?> " /> <!-- CSRF only protection <input type="hidden" name="csrf_tkn" value="<php echo Secure::csrf_generate()?>" /> --> <?php // build an array with all protected inputs and their values. $locked_inputs = array('id' => $hid_inp_id); ?> <input type="hidden" name="frmlock_tkn" value="<?php echo Secure::frmlock_generate($locked_inputs); ?> " /> <div class="input-group col-md-6 row"> <div class="submit"> <input name="submit" class="col-md-offset-4 col-md-8" type="submit" value="Update"/> </div> </div> </form> </div> <?php //echo "<pre>"; //print_r($_SESSION);