0

I am making a website where at some point I want some users to fill in a form, currently these users have to register and then login and fill in the form. However I had the idea that as it's only one form and the users are forgetful of passwords etc etc and keep ringing me with problems, that I will just send them a link to the page with a the form.

I don't however want anyone else to be able to access the form by typing in the URL and as such also have bots be able to access the form and spam my inbox. So is there a way to incorporate a kind of secure pass thing into the link and php page, kinda like www.mylink.php?pass='yhgdfu8' if you get my drift.

Any help appreciated.

Thanks in advance.

Ian

EDIT: Just to clarify im not suggesting putting the password into the URL, maybe having a Table of emails that i will be sending out and then only allowing access to the page if the email coming from matches that on the table, is that possible?

snookian
  • 863
  • 6
  • 13
  • 35
  • 1
    Maybe, checking the referer you have all you need... – Eleazan Jul 23 '13 at 14:24
  • If you put the password in the URL, then anyone will be able to access the form by "typing in the URL". – Quentin Jul 23 '13 at 14:24
  • Yeah i get that putting the password in the URL wont work which is why im asking for help with somethign where the link can get me in, not actually saying i want it that way – snookian Jul 23 '13 at 14:27

1 Answers1

0

Have a look at

$_SERVER["HTTP_REFERER"];

You can restrict based on the value of this variable, but it is not perfect.

Important Note - http://php.net/manual/en/reserved.variables.server.php

Not all user agents will set this, and some provide the ability to modify HTTP_REFERER as a feature. In short, it cannot really be trusted.

Some more information: How reliable is HTTP_REFERER?

Community
  • 1
  • 1
Kirk Backus
  • 4,776
  • 4
  • 32
  • 52