hi there guys,

I'm playing with some anti-spam stuff, and I'm trying to do the following:

I want to generate a random value(done). Then I want the value to be passed to another page. That page checks to make sure that the value is set, and if it isn't, it doesn't allow the form to go through.

I know that I could put it in the form, but it seems to allow for too much manipulation.

I also know that I could start a session and pass it that way, but that also seems overkill for something so simple.

I have tried:

if(!ISSET($_POST['foo'])){

but of course that didn't work, as it's not in the form.

if(!ISSET($foo)){

but I suspect that globals being off defeats this method.

I know that I am probably missing a very obvious method, but could someone tell me how I get the value for $foo to pass from form.php to submit.php?

Any help would be greatly appreciated!

thanks,
json

    schwim wrote:

    I also know that I could start a session and pass it that way, but that also seems overkill for something so simple.

    No easier way?

    thanks,
    json

      I would probably use a session, as it's really quite simple to do. All you need is a session_start(); at the start of each applicable file, and then save/read the value(s) of interest to the $_SESSION array. I can't think of any other solution that would be simpler.

        Ok guys, thanks very much to both of you. I thought there would be a simpler way to declare a value outside of a form.

        Another question. Do you feel it's a fairly secure method of sending a value without much fear of manipulation?

        I know that nothing is perfect, I'm just wondering if I should look for a more secure method.

        thanks,
        json

          When you use a session, the only value that is exchanged with the client is the session ID (in the session cookie), so the user can not manipulate the value saved in the $_SESSION array, which is stored on the server.

            Seems not only are my fears unfounded, but it may be the safest way to do it, huh?

            thanks again for your help.

            json

              There are a few security issues with sessions. If you are dealing with any sort of sensitive data, you may want to take a look at this article for the most common PHP session threats and how to deal with them.

                Hi there nogdog.

                thanks very much for the link. I'm reading it now, but for my very simple requirements, I don't think that it's as sensitive as it would be if I were trying to pass the type of data that they're talking about.

                thanks,
                json

                  Write a Reply...