The safest message board yet.

<?php

session_start();
$clean = array();

if (isset($_POST['message']))
{
    if ($_POST['token'] ==
    $_SESSION['token'])
    {
        $clean['message'] =
        htmlentities($_POST['message']);
        $fp = fopen('./safer.txt', 'a');
        fwrite($fp, "{$clean['message']}<br />");
        fclose($fp);
    }
}

$token = md5(uniqid(rand(), true));
$_SESSION['token'] = $token;

?>

<form method="post"
action="<?php echo $_SERVER['PHP_SELF']; ?>">
<input type="hidden" name="token"
value="<?php echo $token; ?>" />
<input type="text" name="message"><br />
<input type="submit">
</form>

<?php readfile('./safer.txt'); ?>