如果我理解你的话,那将是因为php函数不会遍历ajax,所以你不能在索引页面上拥有该函数,并认为ajax页面也会包含该函数。他们需要像个人页面一样对待。要解决此问题,您还需要在login_form.php页面中包含该功能。最简单的方法是将其从index.php页面中删除,创建一个新文件:
/functions/generateFormToken.php
function generateFormToken($form)
{
// generate a token from an unique value
$token = md5(uniqid(microtime(), true));
// Write the generated token to the session variable to check it against the hidden field when the form is sent
$_SESSION[$form.'_token'] = $token;
return $token;
}然后从index.php中删除session_start();,而是创建一个config.php页面,您将在所有顶级php文件中包含该页面:
/config.php
session_start();
define('DS',DIRECTORY_SEPARATOR);
define('ROOT_DIR',__DIR__);
define('FUNCTIONS',ROOT_DIR.DS.'functions');最后,当您加载两个页面时,请包含配置页面并包含功能页面。
Note: You should include the config page first thing on the page to load. The config can not load after html starts outputting. All your non-html code should go at the top before any content is output.
的index.php
include_once(__DIR__.DIRECTORY_SEPARATOR.'config.php');
include_once(FUNCTIONS.DS.'generateFormToken.php');
// Do other header code here
// When you are done, start writing html to the browser
?>/php/login_form.php
$DS = DIRECTORY_SEPARATOR;
include_once(realpath(__DIR__.$DS.'..').$DS.'config.php');
include_once(FUNCTIONS.DS.'generateFormToken.php');
// Do other header code here
// When you are done, start writing html to the browser
$newToken = generateFormToken('form1');
?>
Username:
Password:
Keep me logged in