In order to prevent people from submitting data to our forms from some other site, we'd like to check the referrer and see if the request came from our site or not.

Unfortunately, I understand that $_SERVER['HTTP_REFERER'] is not reliable; it can be modified easily by any user who knows what they're doing. Therefore, I was wondering if there's a more reliable method for this? And if not, is there a well-known method of achieving the same results (preventing people from submitting data from their own pages and decoying them as one of ours)?