Useing sessions to verify form submissions instead of checking referers

View previous topic View next topic Go down

Useing sessions to verify form submissions instead of checking referers

Post by jamied_uk on 17th January 2014, 23:07

This is page0.php that you use to start an example test!


Code:



<title>J~Net</title>
<?php
// test0.php is the start page for a page that holds a submit form for example!

// test.php is the page that will test to see if is correct code matches and weather or not to trust the referrer page!

// this will make sure no forgeries occoure so change the $test var and dont make it random
// if you change it then always change on the parse page aswell else it wont match and will fail!

session_start();
$test = '_CODE_01001011010101100';
$_SESSION['ALLOW_SUBMIT'] = $test;
header("location: test.php");
?>







This test.php file is the result of the test example for a parsing file with checking code!


Code:

<title>J~Net</title>
<?php
// test0.php is the start page for a page that holds a submit form for example!

// test.php is the page that will test to see if is correct code matches and weather or not to trust the referrer page!

// this will make sure no forgeries occur so change the $test var and dont make it random
// if you change it then always change on the parse page as well else it wont match and will fail!

session_start();
$ref = $_SERVER['HTTP_REFERER'];
$test = $_SESSION['ALLOW_SUBMIT'];
?>


<?php
//
if($test !== '_CODE_01001011010101100') {
die("Remote Posting Not Permitted");
// do something
}
//unset sessions for checker here!
$_SESSION['ALLOW_SUBMIT'] = '';
echo "Safe To Execute";
// do something else like execute code here
?>





Files For This Script!
Code:
https://app.box.com/s/hrowy0uppymdwor9p3xu
avatar
jamied_uk
Admin

Posts : 2293
Join date : 2010-05-09
Age : 34
Location : UK

http://address-shortner.co.uk

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum