I created a script. Source -
Controller -
public function action_index() {
    session_start();
    $_SESSION['token'] = rand();
    if (isset($_GET['do']) and $_GET['do'] == 'comment') { // If everything is OK, continue
        var_dump($_POST['token']);
        var_dump($_SESSION['token']);
        if ($_SESSION['token'] == $_POST['token']) {
            echo 'ok';
        }
        else { echo 'error'; }
    }
}
View -
<form action="?do=comment" class="form-komentaram" method="post" style="margin: 7.5px;">
<input type="text" name="name" required="required" placeholder="Tavs vārds..." /><br />
<input type="text" name="homepage" placeholder="Tava mājaslapa..." /><br />
<input type="hidden" name="artcl_id" value="<?php echo $article['id']; ?>" />
<input type="hidden" name="token" value="<?php echo $_SESSION['token']; ?>" />
<textarea name="text" required="required"></textarea><br />
<input type="submit" value="OK!" required="required" />
</form>
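As I can see from my var_dump, $_SESSION['token'] changes on page load. For example, I submit the token in the input field and reload the page to check the token, but before the page reload $_SESSION['token'] is 23456 and $_POST['token'] is 23456, while after the page reload $_SESSION['token'] is 12345. Why?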
Probably because of '$_SESSION['token'] = rand();' – Clive
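
An added example, not part of the original thread or the poster's code: the token is created only when the session has none, and the submitted value is compared before any new token is issued. The helper names csrf_token() and csrf_check() are hypothetical, and random_bytes() is swapped in for rand() because rand() output is predictable.

```php
<?php
// Added example. csrf_token() and csrf_check() are hypothetical helper names.

// Return the session's CSRF token, creating one only if none is stored yet.
function csrf_token(): string
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    if (empty($_SESSION['token'])) {
        // CSPRNG output, hex-encoded so it is safe in an HTML attribute.
        $_SESSION['token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['token'];
}

// Compare the submitted value with the stored token BEFORE issuing a new one.
function csrf_check($submitted): bool
{
    $expected = csrf_token();
    // Reject arrays/missing values; hash_equals() compares in constant time.
    $ok = is_string($submitted) && hash_equals($expected, $submitted);
    if ($ok) {
        unset($_SESSION['token']); // single use: the next form gets a fresh token
    }
    return $ok;
}

function action_index(): void
{
    $isPost = ($_SERVER['REQUEST_METHOD'] ?? '') === 'POST';
    if ($isPost && ($_GET['do'] ?? '') === 'comment') {
        echo csrf_check($_POST['token'] ?? null) ? 'ok' : 'error';
        return;
    }
    // GET: render the form with the token that is already in the session.
    $t = htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8');
    echo '<form action="?do=comment" method="post">'
       . '<input type="hidden" name="token" value="' . $t . '" />'
       . '<input type="submit" value="OK!" /></form>';
}

action_index();
```

Reloading the form page no longer changes the stored token, so the value in the hidden field still matches when the form is posted.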