I'm working on a MOD that will allow people to rank posts:
[img]http://img207.imageshack.us/img207/7137/modss.png[/img]
(NOTE: It will be prettier when I'm done).
Now, I need to add a row to the new 'vote' table when you click on the appropriate link. What's the best way to safely send this data to the file that will actually do the upload? If I just use a regular link than I am susceptible to CSRF. But if I use a POST form, people could still edit that data on their end, and then POST it.
What do you guys think I should do?
Safe submission of data
-
blazes816
- Supporter
- Posts: 187
- Joined: 07 Oct 2006, 03:00
- Real name: Tyler
- Location: Wichita, Kansas
- Contact:
Safe submission of data
User Number 9e071a3a594a8964cbefe784f8a6afaa94c0de17
My MODs: http://github.com/blazes816/MODs
My MODs: http://github.com/blazes816/MODs
Re: Safe submission of data
I would recommend link hashes. There's some functions in includes/functions.php that could help with that.
-
blazes816
- Supporter
- Posts: 187
- Joined: 07 Oct 2006, 03:00
- Real name: Tyler
- Location: Wichita, Kansas
- Contact:
Re: Safe submission of data
Thanks! I'll look into it. Although I do think I have a plan, but if that would work better I'll check it out.
User Number 9e071a3a594a8964cbefe784f8a6afaa94c0de17
My MODs: http://github.com/blazes816/MODs
My MODs: http://github.com/blazes816/MODs