Another way to do this is to have a form element with an odd name and value
that you can check for before processing the post. This is not too secure if
someone knows the name and value though. In that case you can use the
referer _and_ a unique element name and value that is related to the
referer. Checking for these items before processing the form should be
pretty good.
James
-----Original Message-----
From: phpman [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 24, 2001 10:04 AM
To: [EMAIL PROTECTED]
Subject: [PHP] Form security
Since nobody answered my last question (or any of them for that matter). Let
me rephrase it a little
different.
Other then checking the referer (to make sure the posted data came from the
right page)
and user agent (to see if it exists), is there any other way to secure a
form from having other
forms submitting to it?
-dave
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
