Below is the form processing code. I am getting only date and ip address in the databas, none of the fiels posted by the users are stored.

[php]<?php
session_start();

if (!isset($_SESSION['token']))
{
session_regenerate_id();
$_SESSION['token'] = true;
}//check for token

if (isset($_POST['token']) && isset($_SESSION['token']) && $_POST['token'] == $_SESSION['token'])
{//token is correct
$token_age = time() - $_SESSION['token_time'];
if ($token_age >= 300)
{//token correct but timeout
echo "detected a Timeout!";
exit;
}
if(isset($_POST['secCode']) && isset($_SESSION['secCode']) && $_POST['secCode'] == $_SESSION['secCode'] )
{
// correct security code, now validate name and other field
if(isset($_POST['name']))//name field is set
{
$n = $_POST['name'];
if (strlen($n) > 0 && strlen($n) < 31) //valid and sql friendly name now in $name
{
$name = mysql_real_escape_string($_POST['name']);
}
else {
// $n is not valid
echo "recommends you to fill your name properly.";
}
}
else {
//name not set
echo "detected that you left the name field blank.";
}

//validation for next field

if(isset($_POST['title']))//title field is set
{
$n = $_POST['title'];
if (strlen($n) > 0 && strlen($n) < 61 ) //valid and sql friendly name now in $name
{
$title = mysql_real_escape_string($_POST['title']);
}
else {
// $n is not valid
echo "recommends you to fill your title properly.";
}
}
else {
//name not set
echo "detected that you left the title field blank.";
}

//validation for next field
if(isset($_POST['content']))//content field is set
{
$content = mysql_real_escape_string($_POST['content']);
}
else {
//name not set
echo "detected that you left the content field blank.";
}

$date = strtotime("now");
$ip = $_SERVER['REMOTE_ADDR'];

$con = mysql_connect("localhost","root","pass");
if (!$con){
die('Could not connect: ' . mysql_error());
}
mysql_select_db("sql", $con);
//connect to db
$sql="INSERT INTO wow (contributed_by,title,content,date,trusted,ip)VALUES('$name','$title','$content','$date','0','$ip')";
mysql_query($sql) or die(mysql_error());
mysql_close($con);

echo "received the content you shared.";








}
else {
// security code is invalid
echo "detected an invalid code.";
exit; }
}
else
{
echo "Wrong data!";
exit;
}

?>

<html>
<body>
<form action="post.php" method="post">
<input type="hidden" name="token" value="<?php echo $token; ?>" />
<table border="0" cellspacing="0" cellpadding="4">
<tr><td>Name: </td><td><input type="text" name="name" size="30" maxlength="30" /></td></tr>
<tr><td>Title: </td><td><input type="text" name="title" size="30" maxlength="30" /></td></tr>
<tr><td>Content: </td><td><textarea name="content" rows="10", cols="30"></textarea></td></tr>
<tr> <td>Code: </td>
<td>
<input type="text" name="secCode" maxlength="6" style="width:50px" size="20"> <b>&laquo;</b>
<img src="../../includes/seccode.inc.php" width="71" height="21" align="absmiddle"></td>
</tr>
<tr><td><input type="submit" /></td></tr></table>

</form>
</body>
</html>
[/code]