neo Posted June 8, 2011 Report Share Posted June 8, 2011 (edited) Sveiki! Ir sekojosha problema: ir divi faili index.php un home.php index.php <iframe name="home_form" src="home.php" width="100%" height="600" scrolling="no" frameborder="0"> </iframe> ir japanak lai nevaretu versties pa taisno pie home.php no browsera. Respektivi kaut ka janocheko, ka viss tas pasakums strada caur iframe. Ir kadas idejas? Edited June 8, 2011 by neo Quote Link to comment Share on other sites More sharing options...
Rincewind Posted June 8, 2011 Report Share Posted June 8, 2011 Varbūt: index.php $_SESSION['iframe'] = random skaitlis; <iframe name="home_form" src="home.php?id=<?php echo $_SESSION['iframe']?>" width="100%" height="600" scrolling="no" frameborder="0"> </iframe> home.php if($_GET['id']!=$_SESSION['iframe']){ die(); } Quote Link to comment Share on other sites More sharing options...
neo Posted June 8, 2011 Author Report Share Posted June 8, 2011 Nesanaaks. Var redzeet to $_SESSION['iframe'] vertibu urlaa. Quote Link to comment Share on other sites More sharing options...
Rincewind Posted June 8, 2011 Report Share Posted June 8, 2011 Ā, nu jā. Vēl derīguma termiņš tai vērtībai jāpieliek, kādas 5-10 sekundes. 100% aizsardzības te būt nevar, ja ļoti gribēs tad tāpat apies. Quote Link to comment Share on other sites More sharing options...
rATRIJS Posted June 8, 2011 Report Share Posted June 8, 2011 Mosh kaut kaa taa. // index.php $_SESSION['super-secret'] = 'super-secret'; render_iframe(); // home.php if(!isset($_SESSION['super-secret'])) die; unset($_SESSION['super-secret']); continue_to_do_things(); Vispirms tiks uzstaadiits sesijas mainiigais. Tad naakamais solis buus iframe ielaade, kas ielaadees to home.php, kursh nochekos vai tas sesijas mainiigais ir pieejams un izdzeesiis to. Taatad ejot pa taisno uz home.php sesijas mainiigais nebuus pieejams. + veel var skatiities referer'us un taa... Quote Link to comment Share on other sites More sharing options...
codez Posted June 8, 2011 Report Share Posted June 8, 2011 Vari pārbaudīt, lai $_SERVER['HTTP_REFERRER'] ir no tava domeina index.php Quote Link to comment Share on other sites More sharing options...
neo Posted June 8, 2011 Author Report Share Posted June 8, 2011 OK, tnx visiem. Izskataas sapratu virzienu. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.