No wait,
I see what you mean. You're right, sometimes the obvious is missed, but it
sounded cool.
> From: "Chris" <[EMAIL PROTECTED]>
>
> > Would it not be possible to have both the form page and the script page
> that
> > handles the form be generated o the fly with random filenames?
> >
> > The form page would point to the random generated script page, and the
> > script page could delete itself after it is proccessed. You would also
> want
> > a cron to delete any files in case they never bothered to submit the
form.
> >
> > Can anyone see a problem with this?
> >
> >
>
>
>
> That is not going to solve the problem, because a cracker can just copy
and
> paste the random filename of the script page into their form page.
>
> Bogus form data is a problem for everyone working with html forms. You're
> trying to find an esoteric solution to the problem, while overlooking the
> obvious: just check if the data is valid.
>
>
> Regards
>
> Simon Garner
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
