防止外部post提交
- WBOYOriginal
- 2016-06-13 10:11:161659browse
关于防止外部post提交的研究
老话题今天又研究了一下:目前我觉得有效的办法还是只有一个,图片验证码。
其它几种行不通的方法:
1.判断HTTP_REFERER,实际上这个信息是浏览器给服务器的,所以完全可以模拟
2.判断session 代码如下:
session_start();
if(isset($_POST['name']) && !empty($_POST['name'])){
if($_POST['check']==$_SESSION['check']){
echo '正常访问';
}
else{
echo '外部访问';
}
}
$token=md5(uniqid(rand(),true));
$_SESSION['check']=$token;
?>
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article:php 安全过滤代码Next article:最新感染PHP及网页文件的病毒PHP.Alf