04-13-2003, 04:39 PM
Hi. I hope this is a quick and easy question. Is there a way to keep pages from outside my server from posting variables to my php pages? If not, is there a way with php to make sure the form submitting the variables came from my server? I think you catch my drift. Thanks in advance
04-13-2003, 04:57 PM
Ask Mhtml about it. He has recently been made aware of that kind of problem. lol :D Sorry, inside joke about a fellow moderator.
Well some tips would be to not use global variables, use post method unless you need to put the variables in the URL, use sessions, don't rely on HTTP_REFERER as that information can be easily spoofed.