just copy this code:
Code:
// receiving script...
//
// You need to pass the value of $task from the calling script to the receiving script. While
// this may appear dangerous, it still only allows a one shot at the receiving script, which
// effectively stops flooding.
// page verify by retro
class page_verify
{
function __construct()
{
if (session_id() == '') {
session_start();
}
}
function create($task_name = 'Default')
{
global $CURUSER, $_SESSION, $INSTALLER09;
$session_task = isset($CURUSER['id']) ? $CURUSER['id'] : $INSTALLER09['bot_id'];
$_SESSION['Task_Time'] = TIME_NOW;
$_SESSION['Task'] = md5('user_id:'.$session_task.'::taskname-'.$task_name.'::'.$_SESSION['Task_Time']);
$_SESSION['HTTP_USER_AGENT'] = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
//$_SESSION['HTTP_USER_AGENT'] = $_SERVER['HTTP_USER_AGENT'];
}
function check($task_name = 'Default')
{
global $CURUSER, $INSTALLER09, $lang, $_SESSION;
$returl = (isset($_SERVER['HTTP_REFERER']) ? htmlsafechars($_SERVER['HTTP_REFERER']) : $INSTALLER09['baseurl']."/login.php");
$returl = str_replace('&', '&', $returl);
if (isset($_SESSION['HTTP_USER_AGENT']) && $_SESSION['HTTP_USER_AGENT'] != $_SERVER['HTTP_USER_AGENT']) stderr("Error", "Please resubmit the form. <a href='".$returl."'>Click HERE</a>", false);
$session_task_id = isset($CURUSER['id']) ? $CURUSER['id'] : '';
if (isset($session_task) && $session_task != md5('user_id:'.$session_task_id.'::taskname-'.$task_name.'::'.$_SESSION['Task_Time'])) stderr("Error", "Please resubmit the form. <a href='".$returl."'>Click HERE</a>", false);
$this->create();
}
}
?>
and save as page_verify.php on /include/class/.
verify on config.php if you have this line.
$INSTALLER09['bot_id'] = 2;