>
> <?
> if($_POST && eregi(getenv("SERVER_NAME"),getenv("HTTP_REFERER"))) {
> // This is a safe POST
> } elseif(!eregi(getenv("SERVER_NAME"),getenv("HTTP_REFERER"))) {
> die("Illegal access. Your IP has been logged.\n");
> }
> ?>
>
it is not safe. i can use curl (www.php.net/curl) and modify the referer
of my script to pass this security check. i advise you to add image code
to the form and check that in your script. that will stop the attackers
insert lot of data in your database.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
