CSRF token mismatch. Please refresh the page and try again.
"; return; } // Continue to next middleware $next(); } /** * Verify CSRF token */ private function verifyToken(string $token): bool { if (!isset($_SESSION['csrf_token'])) { return false; } return hash_equals($_SESSION['csrf_token'], $token); } }