Is a new hash generated every time a form is submitted?

[raydona]

Hi,
 Say I have the situation shown below:

 

<form action="" method="POST">
<P>
<label for="username">Username</label>
<input type="text" name="username" id="username"
autocomplete="off">
</P>
<P>
<label for="password">Password</label>
<input type="password" name="password" id="password"
autocomplete="off">
</P>
<P>
<input type="hidden" name="token" value="<?php echo md5(sha1($salt.$ip).sha1($salt.$formName)) ?>" />
<input type="submit" value="LOG IN">
</P>
</form>

 When form is submitted a hash is generated for the line: value="<?php echo md5(sha1($salt.$ip).sha1($salt.$formName)) ?>" However, it is found username or password is incorrect and the form has to be resubmitted with correct username or password. When form is submitted for a second time is a new hash generated in the line: value="<?php echo md5(sha1($salt.$ip).sha1($salt.$formName)) ?>"   which is likely to be different from the first one?????
 

 

[Psycho]

There is no way for us to know. How are $salt, $ip, and $formName defined? If they are the same, then the resulting hash will be the same.