我試過the method suggested on this site以防止重複表單提交,但在提交表單後(表單通過驗證),我總是收到錯誤Invalid secret key!
。問題是什麼?防止重複表單提交
PHP:
<?php
.
.
.
session_start();
$secret = md5(uniqid(rand(), true));
$_SESSION['FORM_SECRET'] = $secret;
// Send Message
if (isset($_POST['send']))
{
$name = strip_tags(trim($_POST['name']));
$email = strip_tags(trim($_POST['email']));
$subject = strip_tags(trim($_POST['subject']));
$message = strip_tags(trim($_POST['message']));
$valid_name = $name=='' || (mb_strlen($name) > 2 && preg_match('/^\p{L}+$/u', $name));
$valid_email = filter_var($email, FILTER_VALIDATE_EMAIL);
$valid_subject = $subject!='';
$valid_message = $message!='';
if ($valid_name && $valid_email && $valid_subject && $valid_message) {
$form_secret = isset($_POST['form_secret'])?$_POST['form_secret']:'';
if(isset($_SESSION['FORM_SECRET'])) {
if(strcasecmp($form_secret, $_SESSION['FORM_SECRET']) == 0) {
sendEmail($name, $email, $name, $email, $subject, $message, $support_email);
$PAGE_MESSAGE = "Message has been sent!";
unset($_SESSION['FORM_SECRET']);
} else {
//Invalid secret key
$PAGE_ERROR = "Invalid secret key!";
}
} else {
//Secret key missing
$PAGE_ERROR = "Form data has already been processed!";
}
} else {
$PAGE_ERROR = "Error (not valid)!";
}
}
}
?>
HTML:
<form enctype="multipart/form-data" method="POST">
<input type="hidden" name="form_secret" id="form_secret" value="<?php echo $_SESSION['FORM_SECRET'];?>" />
.
.
.
<input type="submit" name="send" value="Send" />
你是否在HTML表單存在的頁面開始會話? – CMPS
當然可以! – user2406937
嘗試像這樣調試它:echo $ form_secret。「==」。$ _ SESSION ['FORM_SECRET']; – CMPS