verifyCsrfToken($token)) { // Log CSRF attempt $logMessage = sprintf( "CSRF attempt detected - IP: %s, Page: %s, User: %s", $_SERVER['REMOTE_ADDR'], $_GET['page'] ?? 'unknown', $_SESSION['username'] ?? 'anonymous' ); $logObject->insertLog(0, $logMessage); // Return error message http_response_code(403); die('Invalid CSRF token. Please try again.'); } } return true; }