/    Sign up×
Community /Pin to ProfileBookmark

token issue

Copy linkTweet thisAlerts:
Aug 30.2012

Hi,

[code=php]<?php
session_start();
if(isset($_POST[‘review’]))
echo $_POST[‘form-token’];
?>

<!DOCTYPE HTML PUBLIC “-//W3C//DTD HTML 4.0 Transitional//EN”>

<html>
<head>
<title>Untitled</title>
</head>

<body>

<form method=”post” action=””>
<input type=”hidden” name=”form-token” value=”<?php echo md5(uniqid(microtime(),1)); ?>”>
<input type=”submit” name=”review” value=”Review”>
</form>
</body>
</html>[/code]

Does anybody know why my token stays the same when i press back and click on the submit button?

When I press back and view source the token changes in the form tho, but it’s not submitted which is weird.

Any advice would be appreciated.

Thanks

to post a comment
PHP

1 Comments(s)

Copy linkTweet thisAlerts:
@NogDogAug 31.2012 — Probably because when you press the browser "back" button, it reloads the page from cache and never even calls your PHP script. I'm not sure whether that can be avoided by using no-cache HTTP headers (or if that depends on the browser?).
×

Success!

Help @sc_king spread the word by sharing this article on Twitter...

Tweet This
Sign in
Forgot password?
Sign in with TwitchSign in with GithubCreate Account
about: ({
version: 0.1.9 BETA 6.16,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});
changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...
recent_tips: (
tipper: @nearjob,
tipped: article
amount: 1000 SATS,

tipper: @meenaratha,
tipped: article
amount: 1000 SATS,

tipper: @meenaratha,
tipped: article
amount: 1000 SATS,
)...