RE: [PHP] securityI was going to say that but I wasn't sure if $HTTP_HOST
would get the host of the page that is now executing or the host of where
the page was coming from.
Cal
http://www.calevans.com
-----Original Message-----
From: Boget, Chris [mailto:[EMAIL PROTECTED]]
Sent: Friday, March 23, 2001 12:51 PM
To: 'Cal Evans'; Randy Johnson; [EMAIL PROTECTED]
Subject: RE: [PHP] security
> check HTTP_REFERER. If it's not your server. toss it. It's
> not the most secure way but check the page, there are other
> variables you can use to accomplish the same thing.
Even better (and it'll *always* work as far as I know), check
$HTTP_HOST.
Chris
