Hi,
Recently, i was coding up a simple mail sender for wapsites.
I thought maybe to create a feature for those who don't have server-side scripting knowledge and back links to their sites but my problem is this.
Lets say i've created a form called forma.php with stuffs like

HTML Code:

<form action="sendmail.php" method="get">
Sitename: <input name="sn" type="text" />
Logo Url: <input name="logourl" type="text" />
<input type="submit" value="submit" />
</form>

then maybe when the user wants to link to his site, he should get something like:

http://mydomain.com/sendmail.php?sn=...hislogourl.com

Where my problem lies is how to display the above address to the user "alone" who registered in my site for such service.
Pls remember i said "to the person registering alone"
Can anyone help?

Include a challenge as a hidden field in your form.
This should level up the security enough.

In your user db, have an uid, or hash field, that you update with a new random generated value on each access.
Put that value in the form as a hidden field.

Now, when a submit is done, compare that the value in the db match the one in the form.
If it does, then the POST is (or at least, should be with a high probability) legitimate.
If not, well, it may be a forged post, or that the user had several windows/tab opened on the same page, and that the challenge is not valid anymore.

With this, you don't limit where the requests are coming, but you validate against forging.

Well thanks but i'm not making use of dbase cos i'm new and i don't have full knowledge of it yet.

Pls see this demo @ http://mobilust.net/freeemail/createfreeemailsender.asp
and see what i mean. I want to have something similar to that.
Thanks for replying.