Jump to content

Verify sender of $_POST


448191

Recommended Posts

[quote author=Jenk link=topic=107326.msg430400#msg430400 date=1157706231]
There will be recommendations for $_SERVER['HTTP_REFERER'] and/or $_SERVER['REMOTE_ADDR'] but they are [b]very[/b] unreliable.
[/quote]

No there won't, because I said 'hard to spoof' and everybody knows those are easy to spoof.

[quote author=Jenk link=topic=107326.msg430400#msg430400 date=1157706231]
If it's local, don't use $_POST.
[/quote]

I'm sorry I wasn't very clear. I wanted something like HTTP_REFERER but more reliable. I was going to use it to verify that the sending of data was provoked by my own application, but now that I think of it there are probably better ways to do that. In short: never mind.
Link to comment
Share on other sites

[quote author=448191 link=topic=107326.msg430491#msg430491 date=1157717619]
[quote author=Jenk link=topic=107326.msg430400#msg430400 date=1157706231]
There will be recommendations for $_SERVER['HTTP_REFERER'] and/or $_SERVER['REMOTE_ADDR'] but they are [b]very[/b] unreliable.
[/quote]

No there won't, because I said 'hard to spoof' and everybody knows those are easy to spoof.
[/quote]Ha, you've been here longer than I have, yet you say that.[quote]
[quote author=Jenk link=topic=107326.msg430400#msg430400 date=1157706231]
If it's local, don't use $_POST.
[/quote]

I'm sorry I wasn't very clear. I wanted something like HTTP_REFERER but more reliable. I was going to use it to verify that the sending of data was provoked by my own application, but now that I think of it there are probably better ways to do that. In short: never mind.
[/quote]Still stands.. you own application is instigating the POST data.. so why use POST in the first place? Use SESSION or better yet a database table.
Link to comment
Share on other sites

[quote author=Jenk link=topic=107326.msg430714#msg430714 date=1157734105]
Ha, you've been here longer than I have, yet you say that.[/quote]

I won't go into that. Suffice it to say you are wrong. Either you don't understand me or you're an idiot, judging by the childishness of above comment I am leaning towards the latter.

That is ALL I'm saying in this thread. [adds Jenk to looooong personal blacklist  :P]
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.