Nono, I'm saying that you can never be 100% sure where someone came from, since they are responsible for storing that data, and they can modify before sending it back to you.
If you really want to make sure someone came from another page before the current page, create a uniq ID and md5 it or something, store it in the database and then when someone comes to that page check the cookie value against what you stored in the database.. that's the only way to really enforce that someone came from a previous page of yours. The http_referrer stuff is really built in just for statistics not security. Josh. On March 19, 2003 05:28 pm, Philarmon wrote: > Ok, thanks for the info, Josh ! > > > All security measures needs to happen on the server, not from what the > > users > > > web browser gives you. > > And how to do something like that on the server ? Is there a tutorial > somewhere about this or something ? A few words about that would be great ! > > :) > > Philarmon -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
