[pyd]

Well, this time I got the error message in english anyway

Quote:

Your submission could not be processed because a security token was missing.

Just to clearify everything.
I have created a widget (PHP Direct Execution) with this content:

PHP Code:

// UNTESTED
ob_start();
include("test/addApplication.php");
echo "<br />\n";
$output .= ob_get_contents();
ob_end_clean(); 


the file (addApplication.php) that the widget refers to is this:

PHP Code:

<?php 
if(isset($_POST['add_Application_Submit']))
{
include 'dbConnection.php';

$firstname = get_magic_quotes_gpc($_POST['add_Application_Firstname']);
$lastname = get_magic_quotes_gpc($_POST['add_Application_Lastname']);
$mobilephone = get_magic_quotes_gpc($_POST['add_Application_Mobilephone']);
$pnumber = get_magic_quotes_gpc($_POST['add_Application_p-number']);
$bnumber = get_magic_quotes_gpc($_POST['add_Application_b-number']);
$dnumber = get_magic_quotes_gpc($_POST['add_Application_d-number']);
$distict = get_magic_quotes_gpc($_POST['add_Application_district']);
$userID = get_magic_quotes_gpc($_POST['add_Application_UserID']);
$presentation = get_magic_quotes_gpc($_POST['add_Application_Presentation']);
$status = "0";




$query = "INSERT INTO ovse_applications (firstName, lastName, mobile, p-number, b-number, d-number, district, userID, presentation, application_status) VALUES ($firstname, $lastname, $mobilephone, $pnumber, $bnumber, $dnumber, $district, $userID, $presentation, $status)";
mysql_query($query) or die('Error, insert query failed');

$query = "FLUSH PRIVILEGES";
mysql_query($query) or die('Error, insert query failed');

mysql_close($conn);
echo "New MySQL user added";
}
else
{
?>

<form id="form1" method="post" action="">
  <table border="0" cellpadding="0" cellspacing="0">
    <tr>
      <td> F&ouml;rnamn </td>
      <td><input type="text" name="add_Application_Firstname" id="add_Application_Firstname" /></td>
    </tr>
    <tr>
      <td> Efternamn </td>
      <td><input type="text" name="add_Application_Lastname" id="add_Application_Lastname" /></td>
    </tr>
    <tr>
      <td>Mobilnummer: </td>
      <td><input type="text" name="add_Application_Mobilephone" id="add_Application_Mobilephone" /></td>
    </tr>
    <tr>
      <td>Personnummer: </td>
      <td><input type="text" name="add_Application_p-number" id="add_Application_p-number" /></td>
    </tr>
    <tr>
      <td>Bricknummer: </td>
      <td><input type="text" name="add_Application_b-number" id="add_Application_b-number" /></td>
    </tr>
    <tr>
      <td>Diarienummer: </td>
      <td><input type="text" name="add_Application_d-number" id="add_Application_d-number" /></td>
    </tr>
    <tr>
      <td>L&auml;n: </td>
      <td><select name="add_Application_district" id="add_Application_district">
          <option value="Inget l&auml;n valt">Inget l&auml;n valt</option>
          <option value="Blekinge">Blekinge</option>
          <option value="Dalarna">Dalarna</option>
          <option value="Gotlands l&auml;n">Gotlands l&auml;n</option>
          <option value="G&auml;vleborg">G&auml;vleborg</option>
          <option value="Halland">Halland</option>
          <option value="J&auml;mtland">J&auml;mtland</option>
          <option value="J&ouml;nk&ouml;pings l&auml;n">J&ouml;nk&ouml;pings l&auml;n</option>
          <option value="Kalmar l&auml;n">Kalmar l&auml;n</option>
          <option value="Kronoberg">Kronoberg</option>
          <option value="Norrbotten">Norrbotten</option>
          <option value="Sk&aring;ne">Sk&aring;ne</option>
          <option value="Stockholms l&auml;n">Stockholms l&auml;n</option>
          <option value="S&ouml;dermanland">S&ouml;dermanland</option>
          <option value="Uppsala l&auml;n">Uppsala l&auml;n</option>
          <option value="V&auml;rmland">V&auml;rmland</option>
          <option value="V&auml;sterbotten">V&auml;sterbotten</option>
          <option value="V&auml;sternorrland">V&auml;sternorrland</option>
          <option value="V&auml;stmanland">V&auml;stmanland</option>
          <option value="V&auml;stra G&ouml;taland">V&auml;stra G&ouml;taland</option>
          <option value="&Ouml;rebro l&auml;n">&Ouml;rebro l&auml;n</option>
          <option value="&Ouml;sterg&ouml;tland">&Ouml;sterg&ouml;tland</option>
        </select>
          <input name="add_Application_UserID" type="hidden" id="add_Application_UserID" value="<? print(vB::$vbulletin->userinfo['userid']); ?>" />
          <input type="hidden" name="securitytoken" value="<?php echo $bbuserinfo['securitytoken']; ?>" />
      </td>
    </tr>
    <tr>
      <td>Kort personlig presentation:</td>
      <td><textarea name="add_Application_Presentation" rows="10" id="add_Application_Presentation"></textarea></td>
    </tr>
    <tr>
      <td>&nbsp;</td>
      <td><input type="submit" name="add_Application_Submit" id="add_Application_Submit" value="Ans&ouml;k" /></td>
    </tr>
  </table>
</form>
<?php 
}
?>

Quote:

Originally Posted by BBR-APBT

on a plus note the code is not with in the PHP braces so its basicly html. You might need to do

Code:

<input type="hidden" name="securitytoken" value="<?php echo $bbuserinfo['securitytoken']; ?>" />

Edit: If I do a simple <?php echo $bbuserinfo['securitytoken']; ?>, it dosen't show anything, but that's maybe normal?