Im looking for info about a secure alternative to the use of
$_server['http_refere'] to check in a script from where are arriving
$_post vars.
any suggestion?
Thans a lot.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Thanks guys now i know what must i do :)
Chris Shiflett escribió:
Stut wrote:
You could put a hash value into a hidden field on the form, and
also store it in the session. When the form is submitted only
accept it if the hashes match.
However, this is very easy to get around, so I
Hi from Spain. This is my first post and im sure it wont be last :)
AraDaen
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
3 matches
Mail list logo