At 10:49 AM +1000 13/5/02, Martin Towell wrote:
>if you have the globals setting in your ini file set to "on" then you can

Watch out though... the HTTP_REFERER data is provided by the user
and cannot be trusted. It can't even be guaranteed to exist.

If all the pages are on the same site, you could embed the form
filename in a hidden field on the form so it is passed to the script.

Or since that's also open to abuse by malicious users, you could
track where the user is in the site using session variables.


PHP General Mailing List (
To unsubscribe, visit:

Reply via email to