Indian Posted June 22, 2009 Report Share Posted June 22, 2009 (edited) Q) Kādi ir droši veidi nepieļaut formas iesniegšanu no citām lapām? 1) Cik zinu ir veids [HTTP REFERER], bet to var viegli apiet. 2) Cik drošs ir šis http://net.tutsplus.com/tutorials/php/secu...with-form-keys/ ? Vēlos uzzināt jūsu domas par šo! Edited June 22, 2009 by Indian Quote Link to comment Share on other sites More sharing options...
bubu Posted June 22, 2009 Report Share Posted June 22, 2009 Tāda veida nav. Browseri emulēt ir diezgan triviāli. Quote Link to comment Share on other sites More sharing options...
J0ke Posted June 23, 2009 Report Share Posted June 23, 2009 maybe reCAPTCHA? Quote Link to comment Share on other sites More sharing options...
Klez Posted June 23, 2009 Report Share Posted June 23, 2009 izmanto https jebšu ssl http://css-tricks.com/serious-form-security/ Quote Link to comment Share on other sites More sharing options...
Aleksejs Posted June 23, 2009 Report Share Posted June 23, 2009 Klez... Es laikam esmu sācis līgot... :) Bet neredzu ar SSL nekādu sakaru tavā dotajā saitē :) Quote Link to comment Share on other sites More sharing options...
bubu Posted June 23, 2009 Report Share Posted June 23, 2009 Klez, kā SSL novērsīs iespēju man uzrakstīt skriptu, kas submitēs tavas lapas forumu no jebkuras citas vietas? Quote Link to comment Share on other sites More sharing options...
Klez Posted June 23, 2009 Report Share Posted June 23, 2009 ar ssl var panaakt to, ja tu no manas lapas savaa ieliksi manu formu, tad userim izmetīs to ka sertifikāts nepieder tavai lapai. bet postēt uz formu tas neko nepalīdzēs .. tam linkam arī nav nekāda sakara ar ssl ... ja negribi lai citi postē tavā formā, izmanto reģistrāciju. var taisīt variantu kā ir ar banku sistēmām (ssl) un dinamiskās atslēgas ... te bija kaut kur apspriests par "bank link" bet tajā linkā ir diezgan laba metode kā no tā pasargāties .. (tas form key) Quote Link to comment Share on other sites More sharing options...
bubu Posted June 23, 2009 Report Share Posted June 23, 2009 Nesapratu par to savā lapā tavu formu.. Es lietotu curl vai kaut ko analoģisku un nekādu problēmu ar ssl. Arī darbību ar interneta banku var emulēt, ja ļoti ļoti gribās. Quote Link to comment Share on other sites More sharing options...
Klez Posted June 24, 2009 Report Share Posted June 24, 2009 nu pret to īsti aizsardzības nav ... jāizmanto logošanās + kādu jautāumu pie vai bildi atpazīt ..... Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.