Hello all! I have written a helpdesk ticket webapp which uses many
My question is, a) is there a way to prevent access from users trying
to access the php scripts via a URL..ex..
and if so, b) what is the best way to do this? I can't hide these in a
different, non-web directory because then I can't access the scripts
once the page loads. I'm sure this is a simple yes there is or no
there isn't a way type question, but I can't figure out what to do.
Any input is greatly appreciated, and if I missed this in a previous
post I apologize, I tried searching and couldn't find any posts related
to this. Thanks!!
Only thing you can do is make sure a person is authenticated.
ANother thing you can do is have a session type of variable that goes along
with the request. Sort of like a key for that current login. Therefore if
they take the link, it will work only work the next time.
Another thing is to skip GET and use POST
On 1/2/07, geek7 <email@example.com> wrote:
On Jan 10, 5:27 pm, "Eric Pascarello" <alienf
> Another thing is to skip GET and use POST
But, like get, post can also be faked (i.e. built up away from your web
app), albeit with more time involved.