ONJava.com -- The Independent Source for Enterprise Java
oreilly.comSafari Books Online.Conferences.


AddThis Social Bookmark Button
  Ten Security Checks for PHP, Part 1
Subject:   Register Globals on
Date:   2007-03-01 11:52:54
From:   andrwe
Response to: Register Globals on

My method for securing where POST data comes from is thus:

$referer = $_SERVER['HTTP_REFERER'];
if ($referer != "http://www.domain.com/form.html") {
echo "nice try!";
} else {

Any downside to that (other than having to change the URL upon upload)?

1 to 2 of 2
1 to 2 of 2