Hello Robert,

Thursday, April 8, 2004, 7:13:27 PM, you wrote:

RC> Aaah ok. That makes more sense to me :) Sorry was confused by the use of
RC> the word redirect. Thought you were redirecting the user to an alternate
RC> script with the reposted data. I'm not sure I understand how this is
RC> more secure since isn't the data as valid as the first time it was
RC> posted?

It's not about the validity of data, that is handled by the receiving
script - it's about knowing for sure WHERE that form data came from in
the first place. For example it would stop something along the lines
of a user downloading your form, modifying some values and then
posting it from their local box. It could also stop another web-site
automatically posting data to your forms should they mask the referer
value.

Hope that makes more sense.

-- 
Best regards,
 Richard Davey
 http://www.phpcommunity.org/wiki/296.html

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to