Probably what you need is to put parenthesis around your if
check parts, they are probably getting evaluated in another way than your logic needs:
if( (isset($_POST['token']) && $_POST['token'] != $_SESSION['token']) //<-- added parenthesis around those
|| !isset($_POST['token'])
|| !isset($_SESSION['token']))
aularon
2010-09-06 21:58:36