On Friday 02 March 2001 00:22, you wrote:
> I can think of one way that you can take in an attempy to prevent
> this.
> It is not totally fool proof but it will make it more difficult
> to send spoof data:
>
> 1) Check your HTTP refereer when the form is submitted. If the
> referer is not from your host then don't process the form.
> Of course this can be faked quite easily if this person knows
> what (s)he doing.
And it would prevent people who don't sent Referrer headers from using
the form
--
Christian Reiniger
LGDC Webmaster (http://sunsite.dk/lgdc/)
The use of COBOL cripples the mind; its teaching should, therefore,
be regarded as a criminal offence.
- Edsger W. Dijkstra
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
