Old 05-25-2004, 04:52 AM  
boyw_utr
Confirmed User
 
Join Date: Oct 2003
Location: The Netherlands
Posts: 310
Quote:
Originally posted by disregard
Here's an algorithm:

When displaying the form:

1. Generate a unique number and store it in a database table with a timestamp.

2. Delete all unique numbers older than 2 hours.

3. Hide the new unique number in the form.

When processing the form:

1. Check the unique number against the database. If it is not there, die();

2. Check the referrer. If it is incorrect, die();

3. Process the form.
Hey, this is also a solution....
But it brings me an even greater and easier idea...

Just start a session in the form and check the session's ID in the submit routine... if not there, send them to the form on the server with a header....

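The form-token procedure quoted above, as an added PHP example that is not part of the original thread. The table name `form_tokens`, the field name `form_token`, the URL, the use of `random_bytes()` for the unique number, and the in-memory SQLite database are all assumptions made for illustration; making the token single-use is an addition to the quoted steps.

```php
<?php
// Added example, not code from the thread. An in-memory SQLite database
// stands in for the real one; all names below are hypothetical.
const TOKEN_TTL = 7200; // 2 hours, as in the quoted steps

function db(): PDO {
    static $pdo = null;
    if ($pdo === null) {
        $pdo = new PDO('sqlite::memory:');
        $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        $pdo->exec('CREATE TABLE form_tokens (token TEXT PRIMARY KEY, created INTEGER NOT NULL)');
    }
    return $pdo;
}

// Displaying the form, steps 1 and 2: store a new token, purge old ones.
function issueToken(int $now): string {
    $token = bin2hex(random_bytes(16)); // unguessable "unique number"
    db()->prepare('INSERT INTO form_tokens (token, created) VALUES (?, ?)')->execute([$token, $now]);
    db()->prepare('DELETE FROM form_tokens WHERE created < ?')->execute([$now - TOKEN_TTL]);
    return $token;
}

// Displaying the form, step 3: hide the token in the form.
function hiddenField(string $token): string {
    return '<input type="hidden" name="form_token" value="' . htmlspecialchars($token, ENT_QUOTES) . '">';
}

// Processing the form, steps 1 and 2. Returns true only when step 3 may run.
function acceptSubmission(string $token, string $referer, string $formUrl, int $now): bool {
    // Deleting and counting rows makes the lookup atomic and the token
    // single-use, so a replayed submission finds nothing to delete.
    $stmt = db()->prepare('DELETE FROM form_tokens WHERE token = ? AND created >= ?');
    $stmt->execute([$token, $now - TOKEN_TTL]);
    if ($stmt->rowCount() !== 1) {
        return false; // unknown, expired or already used
    }
    return $referer === $formUrl; // referrer check from the quoted step 2
}

// Constructed walk-through: issue a token, then submit it in three ways.
$url = 'https://example.test/contact.php'; // hypothetical form URL
$t   = issueToken(time());
echo hiddenField($t), "\n";
var_dump(acceptSubmission($t, $url, $url, time()));     // first submission
var_dump(acceptSubmission($t, $url, $url, time()));     // same token replayed
var_dump(acceptSubmission('1234', $url, $url, time())); // token never issued
```

The Referer header is sent by the client and may be absent or altered, so the token lookup is the check that carries the weight.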