>[Using HTTP_REFERER for security purposes] > >Simple, effective, and safe.
Simple, but unsafe. $HTTP_REFERER is not suited for security related purposes, because - it's optional, you cannot rely on it's presence - it's easy to manipulate -- Johannes
