Reply to Re: PHP Passing Variables Between Pages and Security

Your name:

Reply:


Posted by Skeets on 02/11/06 00:17

as the OP, i'm trying to protect against everything. while i hadn't
thought about bots, i had thought of a criminal minded dr evil computer
genius trying to hack my forms out of spite. while this is an unlikely
scenario, i like to do things right, if i can.

it seems to me one has to...

1. verify the submittal page is the correct one...
2. verify that the "salted" session variable from the submittal page is
the same as the one received.

based on responses, though, i'm thinking there is no way to do #1 with
certainty (referrer can be spoofed). w/o #1, #2 doesn't mean too much.

is that about it?

[Back to original message]
Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация