[nycphp-talk] php web form
Nasir Zubair
nasir81 at gmail.com
Mon May 16 16:41:05 EDT 2005
The simplest way would be to place a hidden field in your form, which
can contain some kind of secret, like MD5/SHA-1 hash of something
known to the server only. If you pick a random secret, you can store
it in a session and check the submitted hash with the hash of the
secret from the session.
On 5/16/05, aaron at aarond.com <aaron at aarond.com> wrote:
> Anyone have recommendations on how to secure a webform? What I'm trying
> to do is have the code processing page be able to tell if the referring
> page is on the same server.
>
> For example I'd like to avoid someone trying to send post data from a
> copy of my form on another server to mine.
>
> thanks,
> Aaron
>
> _______________________________________________
> New York PHP Talk Mailing List
> AMP Technology
> Supporting Apache, MySQL and PHP
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.nyphp.org
>
--
Nasir Zubair
http://www.nasir.us/
More information about the talk
mailing list