session_start();
$token = md5(uniqid(rand(), TRUE));
$_SESSION['token'] = $token;
This is how I start my code.
I then pass that $token variable to a hidden field in the form:
<input type="hidden" name="token" value="<?php echo $token; ?>" />
but that condition is never true:
if($_POST['token'] == $_SESSION['token'])
{
echo 'Session was valid<br/>';
}
Why?
On page submit, a new value will be assigned to the session.
Try,
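
The behaviour the answer describes, with one way around it, as an added example that is not the answerer's or the asker's own code: the token is created only when the session has none, so the value rendered into the form is still in `$_SESSION` when the POST arrives. The helper names `csrf_token()` and `csrf_valid()` are hypothetical, and the example swaps in `random_bytes()` and `hash_equals()` for the question's `md5(uniqid(rand(), TRUE))` and `==`.

```php
<?php
// Added example; csrf_token() and csrf_valid() are hypothetical helper names.
session_start();

/**
 * Return the session's CSRF token, creating it only if none exists yet.
 * Regenerating it on every request (as in the question) overwrites the value
 * the form was rendered with before the POST can be compared against it.
 */
function csrf_token(): string
{
    if (empty($_SESSION['token'])) {
        // random_bytes() draws from a CSPRNG; uniqid() and rand() do not.
        $_SESSION['token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['token'];
}

/** Constant-time comparison of the submitted token with the stored one. */
function csrf_valid(): bool
{
    $sent   = $_POST['token'] ?? '';
    $stored = $_SESSION['token'] ?? '';
    // Reject arrays (token[]=x) and an empty stored token before comparing.
    return is_string($sent) && $stored !== '' && hash_equals($stored, $sent);
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (csrf_valid()) {
        echo 'Session was valid<br/>';
        // Rotate after a successful submit so each token is accepted once.
        unset($_SESSION['token']);
    } else {
        http_response_code(403);
        echo 'Invalid token<br/>';
    }
}

// Validation ran first, so this either reuses the existing token or
// creates a fresh one after rotation.
$token = csrf_token();
?>
<form method="post">
    <input type="hidden" name="token" value="<?php echo htmlspecialchars($token, ENT_QUOTES, 'UTF-8'); ?>" />
    <input type="submit" value="Send" />
</form>
```

The order matters: the POST is checked against the stored token before `csrf_token()` is called for the next render.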