>> Doesn't this assume spammers/hackers know what the error
>
>I'm neither a spammer nor a hacker in the pejorative sense of the word, but
>I've written more than one application which submitted data directly to an
>action page on another server and bypassed the form. To do this, I'd
>typically run the form to see how it works, and I'd write my code so that it
>sent the same data as the form did. This would include form fields as well
>as HTTP request headers and cookies if necessary.
>
>Dave Watts, CTO, Fig Leaf Software
>http://www.figleaf.com/
>phone: 202-797-5496
>fax: 202-797-5444
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
