Destramic Posted December 15, 2014 Share Posted December 15, 2014 hey guys im making a script where the user gets redirected...but im wanting to make sure the redirection is within the same domain and not being shipped off to another site when using ($_SERVER['HTTP_REFERER']) now what im using seems to do the trick but im wondering if there is a better method of doing this?...i dont want to use regex either thank you guys <?php $match = strpos("http://127.0.0.1/login", $_SERVER['SERVER_NAME']); if ($match && $match > 0 || $match === 0) { echo "domain match"; } ?> Link to comment https://forums.phpfreaks.com/topic/293117-domain-match/ Share on other sites More sharing options...
QuickOldCar Posted December 15, 2014 Share Posted December 15, 2014 I guess this depends on how are actually doing it. $_SERVER['HTTP_REFERER'] can be spoofed You can do a check what the ip is though $remote_ip = $_SERVER['REMOTE_ADDR']; if (strstr($remote_ip, ', ')) { $ips = explode(', ', $remote_ip); $remote_ip = $ips[0]; } if($remote_ip == "192.168.1.2"){ //use servers ip echo "from my server"; } Link to comment https://forums.phpfreaks.com/topic/293117-domain-match/#findComment-1499674 Share on other sites More sharing options...
Destramic Posted December 16, 2014 Author Share Posted December 16, 2014 thank you for your post i got what i was after using if ($_SERVER['SERVER_NAME'] === parse_url($url, PHP_URL_HOST ) ) { return true; } thank you again Link to comment https://forums.phpfreaks.com/topic/293117-domain-match/#findComment-1499777 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.