Anyone can send any referer (sic) header to your script. It shouldn't be used for checking if someone is trying to hack the script, but it should be find in your case.

rotsky wrote:

I've experimented using $_SERVER['HTTP_REFERER'] which seems to work here.
If the user enters valid login details, the session vars are set and they
are bounced automatically back to the original page - which is fab. But the
manual says that HTTP_REFERER is unreliable, so I'm intrigued to know
exactly what the problems are. Any ideas?






-- The above message is encrypted with double rot13 encoding. Any unauthorized attempt to decrypt it will be prosecuted to the full extent of the law.




-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php



Reply via email to