PHP Form Security With Referer
Posted
by Jascha
on Stack Overflow
See other posts from Stack Overflow
or by Jascha
Published on 2010-05-15T19:12:37Z
Indexed on
2010/05/15
19:14 UTC
Read the original article
Hit count: 333
I'm putting together a site that will make itself available for user input. I was wondering if writing a function like:
if(getenv("HTTP_REFERER") != 'http://www.myURL.com/submitArea'){
die('don\'t be an jerk, ruin your own site');
}else{
// continue with form processing
}
is enough to prevent cross site form submissions.
© Stack Overflow or respective owner