For example, you might offer a one-click purchase button:

    <form action="https://www.yourcompany.com/cart.php" method="post">
        <input type="hidden" name="product_id" value="12345" />
        <input type="submit" name="submit" value="Buy this product now" />
    </form>

If you use $_REQUEST instead of $_POST, then visiting the following URL will also cause your product to be purchased:

    https://www.yourcompany.com/cart.php?product_id=12345&submit=Buy%20this%20product%20now

Now, let's say a hacker embeds the above URL in his MySpace page as an image.

    <img src="https://www.yourcompany.com/cart.php?product_id=12345&submit=Buy%20this%20product%20now" />

Any of your previously authenticated customers who visit this hacker's MySpace page will automatically purchase your product without knowing it.

This is called cross-site request forgery (CSRF): http://en.wikipedia.org/wiki/Cross-site_request_forgery
While requiring slightly more work for the hacker, how is this any different from you using $_POST and the hacker putting a button on his site that runs a script that posts straight to your script?
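To make the two points in this thread concrete, here is an added example (not code from either poster): the $_REQUEST-based handler beside a version that answers the reply's question. Checking $_POST alone does not help, because a page on the attacker's site can auto-submit a cross-origin POST form and the browser attaches the victim's session cookie; what the forged request cannot carry is a secret tied to the victim's session that the attacker's site has no way to read. cart.php, product_id and submit come from the thread; the csrf_token field, the function names and the constructed requests at the bottom are assumptions made for the illustration. It assumes PHP 7.3 or later and a session-based login.

```php
<?php
// Added example, not code from the original thread. Assumes PHP 7.3+ and a
// session-based login; cart.php, product_id and submit come from the thread,
// everything else (function names, the csrf_token field) is illustrative.
declare(strict_types=1);

// Vulnerable handler: $_REQUEST merges $_GET, $_POST and $_COOKIE, so the
// forged GET from an <img src=".../cart.php?product_id=12345&submit=..."> on
// another site is accepted as a purchase.
function purchase_vulnerable(array $request): string
{
    if (isset($request['submit'], $request['product_id'])) {
        return 'purchased ' . (int) $request['product_id'];
    }
    return 'no purchase';
}

// One random secret per session, created on first use. The attacker's page
// never sees it: it is not in a URL or cookie, and the same-origin policy stops
// cross-site script from reading our HTML.
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32)); // 256 random bits
    }
    return $_SESSION['csrf_token'];
}

// Hardened handler: POST only, and the token in the body must equal the one
// stored server-side. hash_equals() is a constant-time comparison.
function purchase_hardened(string $method, array $post, ?string $sessionToken): string
{
    if ($method !== 'POST') {
        return 'rejected: method';
    }
    $submitted = $post['csrf_token'] ?? '';
    if ($sessionToken === null || $sessionToken === ''
        || !is_string($submitted) || !hash_equals($sessionToken, $submitted)) {
        return 'rejected: bad csrf token';
    }
    if (!isset($post['submit'], $post['product_id'])) {
        return 'no purchase';
    }
    return 'purchased ' . (int) $post['product_id'];
}

// The legitimate form carries the token as a hidden field.
function render_buy_form(int $productId, string $token): string
{
    $t = htmlspecialchars($token, ENT_QUOTES, 'UTF-8');
    return '<form action="https://www.yourcompany.com/cart.php" method="post">'
        . '<input type="hidden" name="csrf_token" value="' . $t . '" />'
        . '<input type="hidden" name="product_id" value="' . $productId . '" />'
        . '<input type="submit" name="submit" value="Buy this product now" />'
        . '</form>';
}

if (PHP_SAPI !== 'cli') {
    // Defence in depth: a Lax SameSite session cookie is not sent on
    // cross-site POSTs at all, so even a missing token check would not be fatal.
    session_set_cookie_params(['samesite' => 'Lax', 'httponly' => true, 'secure' => true]);
    session_start();
    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        echo purchase_hardened('POST', $_POST, $_SESSION['csrf_token'] ?? null);
    } else {
        echo render_buy_form(12345, csrf_token());
    }
} else {
    // Offline demonstration with constructed requests (no real session).
    $_SESSION = ['csrf_token' => bin2hex(random_bytes(32))];
    $forged = ['product_id' => '12345', 'submit' => 'Buy this product now'];
    echo 'forged GET via $_REQUEST:  ', purchase_vulnerable($forged), "\n";
    echo 'forged GET, hardened:      ', purchase_hardened('GET', [], $_SESSION['csrf_token']), "\n";
    echo 'forged POST, hardened:     ', purchase_hardened('POST', $forged, $_SESSION['csrf_token']), "\n";
    $legit = $forged + ['csrf_token' => $_SESSION['csrf_token']];
    echo 'own form POST, hardened:   ', purchase_hardened('POST', $legit, $_SESSION['csrf_token']), "\n";
}
```

Run it with `php cart.php` to see the four cases; only the request that came from the site's own form, and therefore carries the session's token, is accepted. The SameSite cookie attribute is a second, independent layer: browsers that honour it withhold the session cookie from the cross-site POST, but the token check is what protects customers on browsers that do not.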
_______________________________________________
UPHPU mailing list
[email protected]
http://uphpu.org/mailman/listinfo/uphpu
IRC: #uphpu on irc.freenode.net
