[nycphp-talk] <a href> vs. <form> request
max at idsociety.com
Thu Apr 17 12:10:43 EDT 2003
This is a fairly vague problem, so I'll give my suggestion to what I
think you are trying to do.
On each non-local website do something similar to this:
<a href="#" onClick="return linkCreate();">Click Me</a>
(where example.com is your server)
On your server you would have link_creator.js be a PHP script that
the referrer, and the remote IP address, and any other information you
variable for that site like link_creator.js?site=www.remotesite.com
The PHP would create a one time use hash, depending on if
all of your security requirements have been met which then is inserted
into the temporary table along with the remote IP, referrer etc.
just changes the browser's location to the link you have created.
This would cause some heavy traffic load, especially if all of the
remote sites get a lot of traffic. This would allow you to make
one-time-use hashes that would be required for a successful page load on
your server. Once the unique hash has been found in the query string,
you just expire it on the database.
Not sure if that would help, but it may be relevant.
Jerry Kapron wrote:
> I'm trying to figure out how I can restrict people to using an <a href> link
> to send a request to a script.
> To be more specific I don't want them to send requests by submitting a form.
> In case they do the script would respond with '401 Unauthorized' header or
> something to that effect. For a while I thought I had a solution.. by
> looking for an additional GET var which would reflect the presence of a
> 'Submit' button, but then I realized that a form may be easily submitted
> I know it may seem like I worry too much, but in this project security is
> *extremely* important.
> I hope someone comes up with some clever idea.. my brain needs a reboot to
> maintenance mode for a few hours..
> 42.7% of all statistics are made up on the spot.
> -----Original Message-----
> From: Jim Musil <jmusil at villagevoice.com>
> To: NYPHP Talk <talk at nyphp.org>
> Date: Wednesday, April 16, 2003 5:48 PM
> Subject: [nycphp-talk] Utf and latin 1
>>I have two different character encodings on my page. Is there anyway to
>>convert utf-8 characters into latin1 characters via php?
>>Village Voice Media
>>36 Cooper Square
>>New York, NY 10003
>>(212) 475-3300 ext 14003
>>JMusil at villagevoice.com
> --- Unsubscribe at http://nyphp.org/list/ ---
More information about the talk