Right now I have a form actioning to itself. There is some code that checks if the user is meant to be there. Is there a way to stop the script from running certain sections of code if it was actioned to itself after pressing submit?
I was thinking about using a SESSION variable to check against but I’ve gotten all muddled in my head :p
Any ideas?
Sure. If you’re self-submitting form actions, just check if $_POST is empty (assuming you’re POST’ing to your form).

When I do PHP I use an input-element in my form template, like this:
… and in the PHP page, I check if the POST was self-submitted like so:
This is not secure though. If you want to reap the full benefits of self-submitting, you should try to counter Cross-site request forgery (XSRF) by challenging the client with a random token, and asking the client to repeat it.
Like embedding a hidden input in your form, something like this:
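
Added example, not part of the original posts: a self-submitting PHP form that separates first-load code from submit-only code and challenges the client with a random token, as the last reply suggests. The field name `csrf_token`, the session key and the `name` field are assumptions of this example.

```php
<?php
declare(strict_types=1);
// Example code added for illustration; names are hypothetical.
session_start();

// Issue one random token per session from the CSPRNG.
if (empty($_SESSION['csrf_token'])) {
    $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}

$errors = [];
$submitted = ($_SERVER['REQUEST_METHOD'] === 'POST');

if (!$submitted) {
    // First load only: code that must not run again after submit goes here.
} else {
    $sent = $_POST['csrf_token'] ?? '';
    // Reject array input (csrf_token[]=x) and compare in constant time.
    if (!is_string($sent) || !hash_equals($_SESSION['csrf_token'], $sent)) {
        http_response_code(403);
        exit('Invalid or missing form token.');
    }
    // Token verified: submit-only processing goes here.
    $raw = $_POST['name'] ?? '';
    $name = is_string($raw) ? trim($raw) : '';
    if ($name === '') {
        $errors[] = 'Name is required.';
    }
}
?>
<?php foreach ($errors as $e): ?>
  <p><?= htmlspecialchars($e, ENT_QUOTES, 'UTF-8') ?></p>
<?php endforeach; ?>
<form method="post" action="">
  <input type="hidden" name="csrf_token"
         value="<?= htmlspecialchars($_SESSION['csrf_token'], ENT_QUOTES, 'UTF-8') ?>">
  <input type="text" name="name">
  <button type="submit">Submit</button>
</form>
```

Checking `$_SERVER['REQUEST_METHOD']` rather than a hidden marker field keeps the first-load/submit decision out of client-controlled form data; the token check is what ties the POST to a form this session was actually served.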