前台form表单里添加如下:
<input type="hidden" name="__token__" value="{$Request.token}"/>
后台
//apalication/index/controller/index.php/test
$posts = input('post.')['data'];
//验证
$rule = [
'__token__' => 'require|token',
];
$msg = [
'__token__.require' => '非法提交',
'__token__.token' => '请不要重复提交表单'
];
$validate = new Validate($rule,$msg);
if (!$validate->check($posts)) {
$re= $validate->getError();
}
else {...}
注意:验证后,提交表单时,要把__token__字段删掉,例如:unset($post[‘token’])