session hijacking prevention with tokens, what am i missing here?

Printable View