I'm writing this topic and I hope someone could help me with my problem . Like we all know curl (client url) is a function that help people to send data automaticaly to the server without fill in forms for examples . But spammers do something bad with this method and this is my problem I just received a big spam from curl post (the spammer sent a message to aml users in mywebsite ) because I'm using a normal Id , with auto_increment .
That's why I'm here asking for help If someone can help me I want user_id
to to be like this in place of 3 = 9j0h8j
(or anything) . If someone know another method to prevent me from auto Curl
post please tell me and thanks To stackoverflow for this great website.
如何防止卷曲垃圾邮件
- 写回答
- 好问题 0 提建议
- 追加酬金
- 关注问题
- 邀请回答
-
1条回答 默认 最新
- douge7771 2013-08-29 01:57关注
Why not use a Captcha on any form that you submit? Bots cannot read those and you would prevent the post with an invalid captcha. For example: http://www.phpcaptcha.org/
If not using Captcha, then you need to look into different methods to prevent CSRF (Cross Site Request Forging). Here is a cheat sheet on what it is and some different methods on how to prevent it - https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet and they even make a framework for PHP that generates a unique key for each form, effectively only allowing inputs to come from a form that was rendered on from your site - https://www.owasp.org/index.php/PHP_CSRF_Guard
解决 无用评论 打赏 举报
悬赏问题
- ¥15 ogg dd trandata 报错
- ¥15 高缺失率数据如何选择填充方式
- ¥50 potsgresql15备份问题
- ¥15 Mac系统vs code使用phpstudy如何配置debug来调试php
- ¥15 目前主流的音乐软件,像网易云音乐,QQ音乐他们的前端和后台部分是用的什么技术实现的?求解!
- ¥60 pb数据库修改与连接
- ¥15 spss统计中二分类变量和有序变量的相关性分析可以用kendall相关分析吗?
- ¥15 拟通过pc下指令到安卓系统,如果追求响应速度,尽可能无延迟,是不是用安卓模拟器会优于实体的安卓手机?如果是,可以快多少毫秒?
- ¥20 神经网络Sequential name=sequential, built=False
- ¥16 Qphython 用xlrd读取excel报错