Hello Robert, Thursday, April 8, 2004, 7:13:27 PM, you wrote:
RC> Aaah ok. That makes more sense to me :) Sorry was confused by the use of RC> the word redirect. Thought you were redirecting the user to an alternate RC> script with the reposted data. I'm not sure I understand how this is RC> more secure since isn't the data as valid as the first time it was RC> posted? It's not about the validity of data, that is handled by the receiving script - it's about knowing for sure WHERE that form data came from in the first place. For example it would stop something along the lines of a user downloading your form, modifying some values and then posting it from their local box. It could also stop another web-site automatically posting data to your forms should they mask the referer value. Hope that makes more sense. -- Best regards, Richard Davey http://www.phpcommunity.org/wiki/296.html -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php