Better (though still theoretically spoofable) would be to include a random
number/string in a hidden field, store that number in the session, and check
to see that the number returned in the form is the same as what is expected
for that session. It's theoretically possible that someone could hijac
The variable $HTTP_REFERER will tell you the origin of the request.
So you can check it with:
if (EREG('xxx.php$',$HTTP_REFERER)) { //only look for the name file
//process data
}
-- or ---
if ($HTTP_REFERER=='www.yyy.com/path/xxx.php') { //look for the entire url
//process data
You can do it by checking if the submit button was pressed:
if (isset($name_of_the_submit_button)) {
// the button was pressed
}
Maybe you can include checking a hidden field.
"Matt Babineau" <[EMAIL PROTECTED]> escribió en el mensaje
000d01c29af0$77e6d400$0210a8c0@webdevx">news:000d01c29af0$77e6d
