Marcus, one of them is the token key as shown on the name attribute while the other is a token to verify that all fields from your form are receive on the controller end.
On May 4, 2:37 pm, "Marcus T. Jaschen" <[EMAIL PROTECTED]> wrote: > dericknwq wrote: > > I remember asking PhpNut about this and he says it was for security. > > Right now, in the startup() of the Security component __validatePost > > is called for each request that is POSTed. And __validatePost requires > > a Token in your POST, so I presume that's that. > > >https://trac.cakephp.org/browser/branches/1.2.x.x/cake/libs/controlle... > >https://trac.cakephp.org/browser/branches/1.2.x.x/cake/libs/controlle... > > In my form are three Tokens defined, with two different hashes: > > 1st one after the created form tag (the form and all form elements were > created with the FormHelper): > > <form id="CmsArticleEditForm" method="post" > action="/admin/cms_articles/edit/25"> > > <p style="display: inline; margin: 0px; padding: 0px;"> > > <input type="hidden" name="data[__Token][key]" > value="0d28260766d81b2d239f9473a89f489b04a570a2" > id="CmsArticleEditFormToken1827120349" /> > > </p> > > Now some standard form fields are following: > > <input type="hidden" name="data[_CmsArticle][id]" value="25" > id="CmsArticleId" /> > <input type="hidden" name="data[_CmsArticle][user_id]" value="3" > id="CmsArticleUserId" /> > (... and some more fields) > > The second token starts before the submit button, the third comes > directly before the submit button: > > <p style="display: inline; margin: 0px; padding: 0px;"> > > <input type="hidden" name="data[__Token][fields]" > value="0fa3b9736b2b416d355cad3f384fabf64b2e2018" > id="TokenFields1379082255" /> > > </p> > > <div class="submit"> > > <p style="display: inline; margin: 0px; padding: 0px;"> > > <input type="hidden" name="data[__Token][fields]" > value="0fa3b9736b2b416d355cad3f384fabf64b2e2018" > id="TokenFields1379082255" /> > > </p> > > <input type="submit" value="Save" /> > > </div> > > Any ideas why three Tokens are generated and why two of them have > different hashes? > > Marcus --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
