In article <NFBBJAAIJKFHONHEEJJDAEEBCFAA.jk@intern>,
[EMAIL PROTECTED] (Jochen Kaechelin) wrote:
> Is this a secure way to check if some
> data comes from a form-field of the
> previous page,
No. But as long as the user submits all of the necessary data, and the
data passes your validation checks, what does it matter where they
submitted the data from? You could check the Referer value, if one has
been set, for a little more assurance that it was posted from your page,
but relying on the accuracy (or presence!) of Referer should not be
considered "secure" either.
If passing data securely from one page on your site to another is
important, maybe SSL is what you need.
> or ist it possible to
> fill it without submitting a form?
Yes, a POST request can be submitted without using a form.
--
CC
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
