--- Jay Blanchard <[EMAIL PROTECTED]> wrote: > [snip] > I've read (at least on 2 occasions) that one can secure their forms, to > ensure that the form came from the site, and not via a script kiddie. > Not the method where one puts a graphic of random text to copy to the > form, but via a hidden field. It has to do with having a hidden field of > data, that must match some data, when the form is posted.
(Sorry, I missed the original email.) You might find these resources helpful: http://education.nyphp.org/phundamentals/PH_spoofed_submission.php http://shiflett.org/talks/oscon2004/php-security/36 Hope that helps. Chris ===== Chris Shiflett - http://shiflett.org/ PHP Security - O'Reilly Coming Fall 2004 HTTP Developer's Handbook - Sams http://httphandbook.org/ PHP Community Site http://phpcommunity.org/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
