在創建表格,你可以使用:
<?php
session_start(); // don't forget that you need to call before output (place first, or use ob_start()
$_SESSION['formhash'] = md5(date('Y-m-d H:i:s').'2fiaSFI#T8ahugi83okkj');
?>
<form action="<?php echo $_SERVER['REQUEST_URI']; ?>" method="POST">
<input type="text" name="post" id="post" />
<input type="hidden" name="hash" id="hash" value="<?php echo $_SESSION['formhash']; ?>" />
<input type="submit" name="submit" id="submit" />
</form>
你需要檢查時,有人張貼的職位要求有正確的哈希值。你可以使用:
<?php
session_start(); // don't forget that you need to call before output (place first, or use ob_start()
if (isset($_SESSION['formhash']) && isset($_POST['hash']) && $_SESSION['formhash']==$_POST['hash']) {
// treat $_POST
}
?>
設置窗體上的隱藏字段與每個負載設置一個隨機值,多數民衆贊成,但如果表單提交,或使用CAPCHA相比。 – 2011-05-15 15:51:34
或用javascript轉義隱藏表單,所以一個機器人需要先將其忽略掉 – 2011-05-15 15:55:04