http://qs321.pair.com?node_id=146208


in reply to Preventing changes on the

You cannot solve this by making HTTP_REFERER checks. HTTP_REFERER can be spoofed. In fact, almost everything that goes into your script can be spoofed, which is why the answer to your question is "no". The way to solve your problem is by not accepting a user without more authentication.