prevent access a file through url

neechee

I have a php file (delete.php) that will delete user's file when he has login properly. The file will be executed with the login information through a post method. How can i prevent some one to access this file by passing the information through url and access this file directly?

Anon

Make the file check the HTTP_REFERER to make sure it comes from a valid location. This way the someone can't just type it into the URL. Also you should make any scripts like this only use data that is POSTed. I know this won't keep a determined person from using it, but it will prevent the average from wreaking havoc.