I have 2 script. That's :
Sometimes someone open the link direct into process_registration.php, so how can I prevent that ?
Process_registration.php function is to save the data get from input from registration.html.
Any idea ?
You can use :
if (!isset($_POST['field'])) {
die();
}
at the top of your process_registration.php file.
Of course, replace field
by one of your existing fields in your form.
If you're against flooders that does register several accounts using scripts, you may use a captcha field on your registration form, or use protections against crawling .
Just another method:
if (empty($_POST)) {
exit("Direct access not allowed");
}
Just more flexible with the object names. For extra security, you should put this in your form:
<input type="hidden" value="9957374" name="hiddenvalidate" />
and in your script:
if (!isset($_POST['hiddenvalidate']) || $_POST['hiddenvalidate'] != 9957374) {
exit("Direct access not allowed");
}
You can check if the current request is a POST type (if you use a form)
if($_SERVER['REQUEST_METHOD'] == 'POST')
and you can also check if all required variables are set.
You can use $_POST
array in process_registration.php for this like :
if(!isset($_POST['yourvariable'])){
//Redirect to registration page
}
You can also use PHP Session for it. If session is not set then redirect user to registration page.
I like the way Joomla
handles this issue.
On every php page in Joomla, you will see the following code:
// No direct access
defined('_JEXEC') or die; // it's a config setting
Only the top-level pages have this variable included in them. All other files, if opened directly, close, thereby preventing any accidental misuse/data loss.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.