I'm putting the finishing touches on a project i'm quite proud of so far.
I want to ensure, though, that nobody can mess up the appearance or opeation of my scripts. This is a multi-user program, and the way it's configured screens out the possibility of anyone entering bad data.
EXCEPT:
It's entirely feasible that somebody could "View Source" then edit the HTML, then run it locally, allowing them to enter whatever they like. I don't have any CGI blockers in place to prevent this, I rely on the form itself to restrict the data for the most part.
I'm sure there's GOT to be a way to check that my script is being run FROM the server, thus ensuring the validity of the code (I know, unless someone gets into it, but that's a risk I'm willing to take.)
My concern is just that people don't edit the HTML locally, and then have the botched file transmit the data to the server. I am not interested in coding CGI restrictions for the data itself due to the wide variety of content I want to accept.
Thanks, I appreciate it.
I want to ensure, though, that nobody can mess up the appearance or opeation of my scripts. This is a multi-user program, and the way it's configured screens out the possibility of anyone entering bad data.
EXCEPT:
It's entirely feasible that somebody could "View Source" then edit the HTML, then run it locally, allowing them to enter whatever they like. I don't have any CGI blockers in place to prevent this, I rely on the form itself to restrict the data for the most part.
I'm sure there's GOT to be a way to check that my script is being run FROM the server, thus ensuring the validity of the code (I know, unless someone gets into it, but that's a risk I'm willing to take.)
My concern is just that people don't edit the HTML locally, and then have the botched file transmit the data to the server. I am not interested in coding CGI restrictions for the data itself due to the wide variety of content I want to accept.
Thanks, I appreciate it.