Jump to content


preventing form tampering


  • Please log in to reply
1 reply to this topic

#1 Guest_kilbad_*

Guest_kilbad_*
  • Guests

Posted 02 September 2006 - 03:47 AM

If I have a form that begins with:: <form action="some_script.php" method="post">  what are some PHP techniques for preventing someone from making their own form that refers back to my script inorder to spam me, like:: <form action="HTTP://WWW.MYDOMAIN.COM/some_script.php" method="post">.  How can I prevent this type of "hotlinking" (if that is the right term, I know it is used for linking to images).

Specifically, I have been reading about using HTTP_REFERER in the some_script.php to check that it is a local request, but I am not sure how to go about this.

Thanks in advance!  brendan

#2 corbin

corbin
  • Staff Alumni
  • Advanced Member
  • 8,129 posts

Posted 02 September 2006 - 04:54 AM

<?
$pattern = "/yourdomain.com/i";
if (!preg_match($domain, $_SERVER['HTTP_REFERER'])) {
die("Please visit the page thru <a href=\"http://yourdomain.com/page.ext\">Here</a>");
}
?>

Should work...
Why doesn't anyone ever say hi, hey, or whad up world?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users