I have a mainpage with a loginform that posts the login to a loginscript.
I only want the script to authorize the login if the posted login comes from a specific URL from my site.
I do it like below but if any variables are attached to the main.php file it doesn't work any longer, IE main.php?id=33. Any easy way to get around this?
if ($_SERVER["HTTP_REFERER"] != 'mydomain.com/main.php') {
echo "An error occured...";
exit();
}
