dousi6303 2014-08-09 00:24
浏览 12
已采纳

阻止用户通过URL注册[关闭]

So what I'm planning on doing is basically have users sign up through an app, I plan on doing this using a REST API. Since I've never done this, I'm understanding a bit of exactly what it is. So what would happen is the user would sign up and I'd pass data like this.

http://localhost/signup/index.php?name=Joe&email=email@email.com

But since its an app, I don't want people signing up like that over a URL. So my question is, how can I approach this? I know I'd work with JSON for all the other stuff, but is there a safer way to do all of this?

  • 写回答

1条回答 默认 最新

  • dongwei8729 2014-08-09 00:41
    关注

    I think you can use either http get or post and that you have several options:

    • Check the referrer url so that it's your url and not an unknown
    • Use a preview / confirm url so that users must preview and confirm their signup
    • Use a token (a one-time ticket or session ID) from your form
    • Use an http session variable that you issue in step 1 and varify in step 2
    • Check HTTP header and adjust server so that it only accepts "legal" connections

    I would use a framework to not reinvent what's already been done. Application frameworks and APIs already have user models and signup applications that you could reuse.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 #MATLAB仿真#车辆换道路径规划
  • ¥15 java 操作 elasticsearch 8.1 实现 索引的重建
  • ¥15 数据可视化Python
  • ¥15 要给毕业设计添加扫码登录的功能!!有偿
  • ¥15 kafka 分区副本增加会导致消息丢失或者不可用吗?
  • ¥15 微信公众号自制会员卡没有收款渠道啊
  • ¥100 Jenkins自动化部署—悬赏100元
  • ¥15 关于#python#的问题:求帮写python代码
  • ¥20 MATLAB画图图形出现上下震荡的线条
  • ¥15 关于#windows#的问题:怎么用WIN 11系统的电脑 克隆WIN NT3.51-4.0系统的硬盘