Matthew1980 - 5:07 pm on May 15, 2010 (gmt 0)

Hi there Marked,

And then: if(isset($_POST['hidden_field']) && ($_POST['hidden_field'] == "hidden_field")) { //run code doRedirect($_SERVER['REQUEST_URI']); exit(); }

Ok, so your checking the key, at least check the value of the key to see if it is what it should be, after all it could be set, but with a completely different value from what you assigned to it, kinda like rocknbil suggests :)

I find that checking both value and key is better as you can then direct the script accordingly, and as jatar_k says, keep the files seperate, or direct to a dedicated file so that you can then show the user something else after they have posted, or redirect back to the same page if an error arises ie: blank field; illegal data etc, etc.

Hope this helps ;)

Cheers,
MRb