Saturday, March 28, 2015

Preventing duplicate/malicious form input with a unique ID

I reckon every page that has a form will need a unique ID generated. How would one go about storing, retrieving, and verifying this ID in an online environment?


Would you create a new database and run an INSERT query on every page that has a form on it? Followed up by a SELECT query on the form's target page to verify?


Would you then need to manually run a script that checks for old IDs to delete them? Or is there a more efficient method to all of this?


Edit: This is to prevent a script that executes a major action with a relatively simple query from being abused. Say limited_event.php can be POSTed to with a createNewReservationAutomatically variable that does just that, creating a temporary reservation with whatever contact details were submitted for manual verification later.


If the script is requested repeatedly with those variables, it will eventually fill up all available spots (and generally flood your database).


From my understanding, referring URIs can be spoofed and are thus unreliable. What's a web developer to do? You have my upvote if you don't say reCAPTCHA.
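
One way to do what the question describes without a dedicated table or a cleanup script, as an added example that is not part of the original post: one-time tokens with an expiry, kept in the visitor's session. The function names, the 15-minute lifetime and the cap of 20 outstanding tokens are assumptions, and a plain array stands in for $_SESSION so the script runs from the CLI.

```php
<?php
// Added example (not from the original post). $store is $_SESSION in a real
// request, after session_start(); names and limits below are assumptions.
const FORM_TOKEN_TTL = 900; // assumed token lifetime in seconds
const FORM_TOKEN_MAX = 20;  // assumed cap on unused tokens per visitor

// Drop expired tokens on every call, so no separate cleanup job is needed.
function purge_form_tokens(array &$store, int $now): void
{
    $store['form_tokens'] = array_filter(
        $store['form_tokens'] ?? [],
        fn(array $t): bool => $t['exp'] > $now
    );
}

// Called when rendering the form; the result goes into a hidden field.
function issue_form_token(array &$store, string $formId, int $now): string
{
    purge_form_tokens($store, $now);
    // Cap outstanding tokens so reloading the form cannot grow the session.
    while (count($store['form_tokens']) >= FORM_TOKEN_MAX) {
        array_shift($store['form_tokens']); // discard the oldest
    }
    $token = bin2hex(random_bytes(32));
    $store['form_tokens'][$token] = ['form' => $formId, 'exp' => $now + FORM_TOKEN_TTL];
    return $token;
}

// Called at the top of the form's target page, before any INSERT.
function consume_form_token(array &$store, string $formId, string $token, int $now): bool
{
    purge_form_tokens($store, $now);
    if ($token === '' || !isset($store['form_tokens'][$token])) {
        return false; // missing, unknown, expired or already used
    }
    $entry = $store['form_tokens'][$token];
    unset($store['form_tokens'][$token]); // single use: remove before acting
    return $entry['form'] === $formId;
}

// Constructed demo: one visitor, timestamps passed in explicitly.
$session = [];
$first = issue_form_token($session, 'limited_event', 1000);
var_dump(consume_form_token($session, 'limited_event', $first, 1010)); // first POST
var_dump(consume_form_token($session, 'limited_event', $first, 1011)); // replayed POST
$stale = issue_form_token($session, 'limited_event', 1000);
var_dump(consume_form_token($session, 'limited_event', $stale, 1000 + FORM_TOKEN_TTL + 1)); // expired
var_dump(consume_form_token($session, 'other_form', issue_form_token($session, 'limited_event', 2000), 2001)); // wrong form
```

A token ties each accepted POST to a prior load of the form and rejects replays, but a script that fetches the form before every submission still passes. Filling up the available spots is therefore also a matter of per-client rate limits or a cap on pending reservations.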

