Menu
I have an HTML form that upon submission calls a PHP script. That script loads the fields into variables and then inserts them into a mySQL table.
What’s the best way to check that the referring page is valid?
The script I inherited has the following code:
[CODE]
if (
($_SERVER[‘HTTP_REFERER’] == ‘http://xyz.org/Membership.php’) OR
($_SERVER[‘HTTP_REFERER’]== ‘http://www.xyz.org/Membership.php’)
){
echo ‘<META http-equiv=”refresh” content=”0;URL=/”>’;
}
else die(‘Referer site check failed’);
Is this reasonable? I’ve read that not all browsers support or send referers. Is the echo necessary?
Thanks,
DJ