Xigo Xigo - 1 year ago 96
PHP Question

form token not matching

When form is submitted with $token #1 token are matching , but when submitted with $token #2 tokens dont match getting "redir"
I'm little bit confused why is this happening and not sure what I'm doing wrong here



if ($_POST['token'] == $_SESSION['token']) {

echo "login ";

echo "redir " ;


// 1st test
// $token = time();

// 2nd test
$token = md5(time().$_SERVER['REMOTE_ADDR']);
$_SESSION['token'] = $token;


<form action="" method="post">

<input type="hidden" name="token" value=" <?php echo $token ?> ">
<input type="text" name="usr">
<input type="text" name="pass">
<input type="submit" name="submit" value="send">



Answer Source

Can you try removing the spaces between the quoting and the token echo:

<input type="hidden" name="token" value=" <?php echo $token ?> ">


<input type="hidden" name="token" value="<?php echo $token ?>">

also, you may be getting through the first time because _SESSION token is empty. let's be sure to test for that, too:

if (! empty($_SESSION['token'])) {
Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download