我试过the method suggested on this site以防止重复表单提交,但在提交表单后(表单通过验证),我总是收到错误Invalid secret key!
。问题是什么?防止重复表单提交
PHP:
<?php
.
.
.
session_start();
$secret = md5(uniqid(rand(), true));
$_SESSION['FORM_SECRET'] = $secret;
// Send Message
if (isset($_POST['send']))
{
$name = strip_tags(trim($_POST['name']));
$email = strip_tags(trim($_POST['email']));
$subject = strip_tags(trim($_POST['subject']));
$message = strip_tags(trim($_POST['message']));
$valid_name = $name=='' || (mb_strlen($name) > 2 && preg_match('/^\p{L}+$/u', $name));
$valid_email = filter_var($email, FILTER_VALIDATE_EMAIL);
$valid_subject = $subject!='';
$valid_message = $message!='';
if ($valid_name && $valid_email && $valid_subject && $valid_message) {
$form_secret = isset($_POST['form_secret'])?$_POST['form_secret']:'';
if(isset($_SESSION['FORM_SECRET'])) {
if(strcasecmp($form_secret, $_SESSION['FORM_SECRET']) == 0) {
sendEmail($name, $email, $name, $email, $subject, $message, $support_email);
$PAGE_MESSAGE = "Message has been sent!";
unset($_SESSION['FORM_SECRET']);
} else {
//Invalid secret key
$PAGE_ERROR = "Invalid secret key!";
}
} else {
//Secret key missing
$PAGE_ERROR = "Form data has already been processed!";
}
} else {
$PAGE_ERROR = "Error (not valid)!";
}
}
}
?>
HTML:
<form enctype="multipart/form-data" method="POST">
<input type="hidden" name="form_secret" id="form_secret" value="<?php echo $_SESSION['FORM_SECRET'];?>" />
.
.
.
<input type="submit" name="send" value="Send" />
你是否在HTML表单存在的页面开始会话? – CMPS
当然可以! – user2406937
尝试像这样调试它:echo $ form_secret。“==”。$ _ SESSION ['FORM_SECRET']; – CMPS