Hi
Sorry, I just don't have the time, but something like this could be enough
....
Create a PIN.
iPIN = Year(Date) + Month(Date) + Day(Date)
<form .... >
<input type="hidden" name="intPIN" value="<%=iPIN%>"
....
</form>
Form is submitted
iPIN = Year(Date) + Month(Date) + Day(Date)
If iPIN <> CLng(Request.Form("intPIN")) Then
' Not submitted from form
End If
Obviously this would allow any referrer who copied the form 'today' and
also, those who display the form before midnight and post it afterward will
have a problem, but you get the idea.
"Just1Coder" <ju********@yahoo.ca> wrote in message
news:uo**************@TK2MSFTNGP10.phx.gbl...
Could you post an example? Or a link?
David Morgan wrote: No, you cannot rely on the referrer any more as some anti-virus/firewall
software stops the browser from sending that information.
You would check to see that the
Request.ServerVariables("HTTP_REFERER") =
"http://www.YourDomain.com/YourFormPage.asp"
You need to set some random value in the form and then check it's there
and valid when you process it. You could do it with a database and the
visitors IP address but it's a bit like overkill.
Regards
David
"Just1Coder" <ju********@yahoo.ca> wrote in message
news:41**************@yahoo.ca...
James wrote:
Might want to look into:
Request.ServerVariables("HTTP_REFERER")
"Just1Coder" <ju********@yahoo.ca> wrote in message
news:OP*************@TK2MSFTNGP11.phx.gbl...
>How can I prevent posting of a form from any other site but the site
the>form lives on?
Yeah... that's what I was thinking...
Currently the form posts to itself...
On one of the first lines I do a check to see if http_referer = ""
Is that enough?