nimzie Posted October 1, 2007 Share Posted October 1, 2007 How do I validate that I came from a certain form (i.e. in a login situation)... I need to make sure that if people hit the URL to a page directly, that the only way they can come in is from the login screen... Thanks for any help. Adam Quote Link to comment Share on other sites More sharing options...
d.shankar Posted October 1, 2007 Share Posted October 1, 2007 Use sessions. Quote Link to comment Share on other sites More sharing options...
trq Posted October 1, 2007 Share Posted October 1, 2007 You can check a form was submitted to the page via... <?php if (isset($_POST['submit'])) { // process form. } ?> Providing you have a submit button named form. You can also check the refering page using $_SERVER['HTTP_REFERER'], this can however be spooked. One method which may offer more security is to set a $_SESSION variable within the login form page, then check for its exeistence within the processing script.[/img] Quote Link to comment Share on other sites More sharing options...
emehrkay Posted October 1, 2007 Share Posted October 1, 2007 Use sessions. Sessions could be spoofed, but to expand on this answer at the top of your script do <?php sesson_start(); $_SESSION['verify'] = 'asdfasdfasdfasfasdfasdfasdfl'; then on the processing page do <?php session_start(); if($_SESSION['verify'] !== 'asdfasdfasdfasfasdfasdfasdfl'){ header("Location: http://www.website.com"); exit; } Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.