> But the manual says that HTTP_REFERER is unreliable, so I'm > intrigued to know exactly what the problems are. Any ideas?
The HTTP_REFERER field is retrieved from the "HTTP Referer:" header as used in the HTTP protocol. This field is set entirely by the client browser / application retrieving the data. There is nothing to stop the client from adding malformed, incorrect or spoof data into this field - and thus possibly faking entry to the data you are protecting. You cannot rely on this field to be accurate, correct or even populated. -- Dan Hardiker [EMAIL PROTECTED] ADAM Software & Systems Engineer First Creative -- Dan Hardiker [EMAIL PROTECTED] ADAM Software & Systems Engineer First Creative -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php