cody7 Posted June 10, 2007 Share Posted June 10, 2007 Hi What is the best way to detect the URL where the form has been submitted, here’s an example "www.domain.com/page1.php" has a form that will be submitted to "www.domain.com/page2.php". I need to be sure that all variables that will be submitted to page2.php are from page1.php of the same domain or else I have to deny the request. Thanks you for your help Quote Link to comment Share on other sites More sharing options...
kritical Posted June 10, 2007 Share Posted June 10, 2007 Unfortunately this is not a simple task... Basically the there is a simple way to ask the client what domain they posted from however this is not trust worthy information as it is easily changed by a cleaver client. (This is called the referral address) I would suggest you setup authentication if you need to be certain the post is originating from the right place, alternatively you could use session management. It really depends on what you are trying to do? Quote Link to comment Share on other sites More sharing options...
jlr2k8 Posted June 10, 2007 Share Posted June 10, 2007 I had to edit this post because I read it wrong. I know what you're saying now. Sorry, kritical is right. It is complicated... but u can try making the form page set a URL cookie like this: setcookie("url", $_SERVER['SERVER_NAME'], time()+3600, "/directory_of_your_form_and_form_processor/", ".domain.of.your.site.com"); And then on the page which processes your form info, write this: if ($_COOKIE["url"]=="") { echo "You did not use the correct page"; exit; } else { //...rest of form goes here } Quote Link to comment Share on other sites More sharing options...
AndyB Posted June 10, 2007 Share Posted June 10, 2007 set a session variable on page1.php and verify its value exists on page2.php Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.