unique generated values not matching ??

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
PHPycho
Forum Contributor
Posts: 336
Joined: Fri Jan 06, 2006 12:37 pm

unique generated values not matching ??

Post by PHPycho »

Hello forums
I had used following function in order to prevent against form spoofing.
test.php

Code: Select all

function getSecurityCode(){
	$_SESSION['sess_security_code'] = md5(uniqid(rand(), true));
	return $_SESSION['sess_security_code'];		
}
and I had used that session's value in hidden field of a form as
test.html.php

Code: Select all

<input type="hidden" name="security_code" value="<?=getSecurityCode()?>">
and checked when the form is submitted as

Code: Select all

if(isset($_POST['security_code']) && $_POST['security_code'] == $_SESSION['sess_security_code']){
	//submission goes here..
}
but the problem is:
the two value never matches ie they are different and its amazing.
I dont know whats gone wrong with my code.
Any help and suggestions are warmly welcome.
User avatar
aaronhall
DevNet Resident
Posts: 1040
Joined: Tue Aug 13, 2002 5:10 pm
Location: Back in Phoenix, missing the microbrews
Contact:

Post by aaronhall »

I'd stick an echo "asdfasdfasdf" in getSecurityCode() to double check that it's not accidentally getting called on the submit page.
Post Reply