You could do it with a session cookie as well. Matt Matt Elrod wrote: > You can have your form send a token to your cgi. I sometimes have > the form insert a unix timestamp in a hidden field and then reject > post data if it comes in too fast or too slow.