I am using some functions for having csrf protection in my php codes ,
But i have a question.
I have already used them in login form of admin area, is it important to have them in the forms of admin area?
I have so many forms in admin area to do admin works but they don't have csrf token generator.
And my question is that , Is it needed to generate csrf tokens in the inner pages of admin area ?
Yes! It is more important to use them for the inner pages that it is for the login page.
A CSRF attack against your login page could result in a user being logged in as someone they don't expect to be logged in as.
A CSRF attack against your (for example) delete user page, could result in a user (who is an admin) deleting people's accounts when they don't expect to.