|
|
Posted by Krustov on 01/24/08 15:15
<comp.lang.php>
<Shelly>
<Thu, 24 Jan 2008 05:01:42 -0800 (PST)>
<4cec3359-a419-4c37-a8c2-35eaa453836c@s13g2000prd.googlegroups.com>
> I looked at
> the html generated (view source) and there it is. The hidden field,
> its name, and its value are all to see. That means that they can
> generate a form and put in even a null field in that area and my check
> would fail because it matches. So, where do I hide the value to be
> checked? Do I create a session variable and put its value there and
> then check the returned value against that?
>
I use the ip address to create the filename and to store anti spam bot
code as a flat file - and then read the code in on the next page .
While its certainly not impossible 2 or more users will be surfing your
website using the same ip address - the chances that more than one user
will be using the contact form at that precise moment is quite remote
even if its a fairly busy website as the vast majority of users are
'surfers' and not 'contactors' .
www.jpgimage.co.uk/contact.php
BTW: one of the tricks IMHO is to write your own image code that you can
then use on any of your own websites - and despite what you might like
to think its not that hard once you learn some GD basics .
Navigation:
[Reply to this message]
|