I had used following function in order to prevent against form spoofing.
test.php
Code: Select all
function getSecurityCode(){
$_SESSION['sess_security_code'] = md5(uniqid(rand(), true));
return $_SESSION['sess_security_code'];
}test.html.php
Code: Select all
<input type="hidden" name="security_code" value="<?=getSecurityCode()?>">Code: Select all
if(isset($_POST['security_code']) && $_POST['security_code'] == $_SESSION['sess_security_code']){
//submission goes here..
}the two value never matches ie they are different and its amazing.
I dont know whats gone wrong with my code.
Any help and suggestions are warmly welcome.