How to save form data only if it comes from a particular website?

Question

How to save form data only if it comes from a particular website?

Asked 7 years, 11 months ago

Viewed 21 times

3

Hello, I have a form that is being used on another site and saving in my database, through a php action that is on my server. But I would just like to save the data if the form comes from the domain of this site. How can I do?

1 answer

Browser other questions tagged php mysql

You are not signed in. Login or sign up in order to post.

by Miguel • **29,306** points · Answer 1 · 2016-12-16T19:37:18+00:00

0

You can check the sender domain like this:

$_SERVER["HTTP_REFERER"]; // http://www.exemplo....

But I have to warn you that this is an editable parameter in the request, one can 'fake':

if($_SERVER["HTTP_REFERER"] != 'url autorizado') {
    echo 'URL inválido';
    die();
}

Thanks for the answer. In the case of HTTP_REFERER it picks up the whole url, right? Is there a way to do a domain verification of the site? Because the form will appear on other pages too

– cpbox

2016/12/16 at 19:59
Ah, I did it using parse_url to check the domain. Vlw again for the answer!

– cpbox

2016/12/16 at 20:13
You’re welcome @cpbox .

– Miguel

2016/12/16 at 20:27