Untitled

By: a guest on Jun 17th, 2012
Form post security: making sure the POST did not come from an outside source.

<!-- Original form: no token, so nothing ties the POST to a page this site served -->
<form action="<?php echo htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES, 'UTF-8'); ?>" method="POST">
    <input type="text" name="post" id="post" />
    <input type="submit" name="submit" id="submit" />
</form>

<?php
    // session_start() must be called before any output (place it first, or use ob_start()).
    session_start();
    // Per-session token from the OS CSPRNG; a hash of the timestamp plus a fixed string is guessable.
    $_SESSION['formhash'] = bin2hex(random_bytes(32));
?>
<form action="<?php echo htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES, 'UTF-8'); ?>" method="POST">
    <input type="text" name="post" id="post" />
    <input type="hidden" name="hash" id="hash" value="<?php echo htmlspecialchars($_SESSION['formhash'], ENT_QUOTES, 'UTF-8'); ?>" />
    <input type="submit" name="submit" id="submit" />
</form>

<?php
    // session_start() must be called before any output (place it first, or use ob_start()).
    session_start();
    // Accept the POST only if it carries the token stored in the session.
    // is_string() rejects array input (hash[]=...); hash_equals() compares in constant time.
    if (isset($_SESSION['formhash'], $_POST['hash'])
        && is_string($_POST['hash'])
        && hash_equals($_SESSION['formhash'], $_POST['hash'])) {
        // treat $_POST
    }
?>
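
The hidden-field token check above, packaged as two helpers that also make each token single-use and time-limited. This is an added example, not part of the original paste; the names csrf_issue(), csrf_verify() and CSRF_TTL and the 15-minute lifetime are assumptions. The session key 'formhash' and the field name 'hash' are the paste's own.

```php
<?php
// Added example: csrf_issue(), csrf_verify() and CSRF_TTL are hypothetical names.
const CSRF_TTL = 900; // seconds a token stays valid (assumed value)

// Create a fresh random token, store it in the session, return it for the hidden field.
function csrf_issue(array &$session): string
{
    $token = bin2hex(random_bytes(32)); // 256 bits from the OS CSPRNG
    $session['formhash'] = ['value' => $token, 'issued' => time()];
    return $token;
}

// True only for the token last issued to this session, once, and within CSRF_TTL.
function csrf_verify(array &$session, $submitted): bool
{
    $stored = $session['formhash'] ?? null;
    unset($session['formhash']); // single use: consumed on success and on failure
    if (!is_array($stored) || !is_string($submitted)) {
        return false; // nothing was issued, or the field arrived as an array / not at all
    }
    if (time() - $stored['issued'] > CSRF_TTL) {
        return false; // the form was rendered too long ago
    }
    return hash_equals($stored['value'], $submitted); // constant-time comparison
}

// Constructed demonstration: a plain array stands in for $_SESSION.
$session = [];

$token = csrf_issue($session);
var_dump(csrf_verify($session, $token)); // legitimate submit of the rendered form
var_dump(csrf_verify($session, $token)); // same token sent a second time

csrf_issue($session);
var_dump(csrf_verify($session, ['x']));  // hash[]=x, an array instead of a string

csrf_issue($session);
var_dump(csrf_verify($session, null));   // POST without a hash field
```

In a page, call csrf_issue($_SESSION) after session_start() when rendering the form, and csrf_verify($_SESSION, $_POST['hash'] ?? null) before treating $_POST.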