Avoiding form duplication in Rev

SaW

Member
Mar 3, 2018
101
15
Would i be fine implementing this method into RevCMS to prevent my forms from duplicating when refreshed?


Thanks.
 

SaW

Member
Mar 3, 2018
101
15
Yes , token validation is a preferred security measure.
Are you familiar with using this type of methods to avoid duplication? Seems like there is a short delay when I submit the form, making the $_SESSION not match up with the current uniqid();, making it useless.
 

SaW

Member
Mar 3, 2018
101
15
I'm still not able to post the comment, as the two values end up being different when i submit the form.

When submitting the form and echoing out this:
You must be registered for see images attach


It gives me two different values:
You must be registered for see images attach


I am not aware what I'm doing wrong.
 
Code:
<?php

    $formToken = uniqid();
    $_SESSION['form-token'] = $formToken;

if($_POST['post-token'] == $_SESSION['form-token']){

$comment = strip_tags(filter($_POST['comment']));

if(empty($comment)){
} else {
if (isset($_POST['post_comment']) && isset($_SESSION['user'])) {
dbquery("INSERT INTO support_replies (user_id, report_id, message, time_sent) VALUES ('".$_SESSION['user']['id']."', '".filter((int)$_GET['ticketid'])."', '".filter($comment)."', '".time()."');") or die(mysqli_error());

$error_message = 'Thanks for your reply!<br /><br />';
echo $error_message;
    }
  }
}
echo $_SESSION['form-token'].'<br>';
echo $_POST['post-token'];

?>
<br><br>
<div id="toggle-textfield" class="toggle-textfield">
  <form action="" method="post">
  <input type="hidden" name="post-token" value="<?php echo $formToken; ?>">
  <textarea name="comment" maxlength="500"></textarea><br />
  <input type="submit" name="post_comment" value="Kommentér" />

  </form>

This is the code.
 

Object

?
Nov 10, 2017
430
352
The uniqid() function generates a unique ID based on the microtime current time in microseconds


The link i posted above if u scroll a couple answers down there'll be a mlre advanced explanaition
 

Users who are viewing this thread

Top