PHP Form Security With Referer

Posted by Jascha on Stack Overflow See other posts from Stack Overflow or by Jascha
Published on 2010-05-15T19:12:37Z Indexed on 2010/05/15 19:14 UTC
Read the original article Hit count: 333

Filed under:
|
|

I'm putting together a site that will make itself available for user input. I was wondering if writing a function like:

if(getenv("HTTP_REFERER") != 'http://www.myURL.com/submitArea'){
        die('don\'t be an jerk, ruin your own site');   
    }else{
        // continue with form processing    
    }

is enough to prevent cross site form submissions.

© Stack Overflow or respective owner

Related posts about php

Related posts about security