How To Get The Referrer Url Of Post Request In Php?

September 27, 2023 Post a Comment

I'm developing a php website, where users are allowed to add products with descriptions, images etc. I am receiving the user input using POST method. But, if the users know the for

Solution 1:

Probably the best way to provide security to your Forms are by adding a CSRF Token to your form (http://en.wikipedia.org/wiki/Cross-site_request_forgery).

How it works is every time you render a form you generate a pseudo random code and store it in a session variable and also put the same code as a hidden input in your form.

So when the user posts the form you can validate to see if the csrf tokens are the same.

There is another thread about this so you can maybe take a look at that (How to properly add CSRF token using PHP)

Solution 2:

You could use the header to allow only post coming from your url:

header('Access-Control-Allow-Origin: http://yoururl.com');

Cheers

Solution 3:

You could check against the:

$_SERVER['HTTP_REFERER']

Variable, but this can be falsified so be careful.

You'd be better off using some hidden inputs that are set to values which must be equal to the set fields for the insert to happen (the name for this technique escapes me at the moment).

i.e.

<inputtype="text"id="areyouhuman" name="areyouhuman" value="123456001" />

Hide it with CSS:

#areyouhuman{
     display:none;
}

Hope that helps a little?

P.S. I HATE Captcha's too!

JavaScript Frameworks

How To Get The Referrer Url Of Post Request In Php?

Solution 1:

Solution 2:

Solution 3:

Post a Comment for "How To Get The Referrer Url Of Post Request In Php?"