How do I ensure that the form submission to a script on my
server is coming from my server, and not from a form someone
else pieced together (in an attempt to hack my system)?  I
assume I need to check the referer information, but beyond that,
I'm not sure where to start.

Thanks!

One approach could be generate an nsv id that would consist of a list containing the referer page and time created. Example on your form input page: <P>

set tag_id [nsv_incr . security_tag_id] <BR>
nsv_set form_security_tags $tag_id [list [ns_time] [ns_conn url]]<P>

Also send the tag_id in the form as a hidden variable


Then in your target page call a validify proc that would check for the existence of the tag_id form variable, the existence of the nsv array variable, and confirm that the referer matches up.
<P>
You time stamp in the nsv_array makes it easy to schedule a procedure to cycle through the array and flush out any values that you may wish to expire after a certain time period.

Yes the referer can be faked but the tag id  that is generated on the server is the main part of the security. Since it is generated and exists only for a limited time and if you purge the id as soon as used in addition to frequent purging of all expired tags it will buy you a little more security than nothing.  This approach could also be extended for a simple double click protection.