Jump to content

HTTP_REFERER


eaglelegend

Recommended Posts

include("header.php");

$eaglelegend = "eaglelegend.com"; //Your site url without http://

$eaglelegend2 = "www.eaglelegend.com"; //Type your domain with www. this time

 

$referer = $_SERVER['HTTP_REFERER'];

 

//Check if browser sends referrer url or not

if ($referer == "") //If not, set referrer as your domain

    $domain = $yoursite;

else

    $domain = parse_url($referer); //If yes, parse referrer

 

if($domain['host'] == $eaglelegend || $domain['host'] == $eaglelegend2) {

    //Run your dowloading code here normally

} else {

    //The referrer is not your site, we redirect to your home page

    header("Location: http://www.eaglelegend.com");

    exit(); //Stop running the script

}

 

I know I am doing alot of work on my site today heh, but security, no matter how small is VERY important to me, so, please help, I have an error... Help IS much appreciated, thanks!

 

Parse error: syntax error, unexpected '=' in /misc/39/000/171/334/2/user/web/eaglelegend.com/login.php on line 14

 

login.php:

         @$username = strip_tags(stripslashes($_POST['username'])); //assuming 'username' is the name of your form var
         @$password = strip_tags(stripslashes(md5($_POST['password']))); // ditto on 'password'
}

if($username && $password) {
$check = mysql_num_rows(mysql_query("SELECT * FROM `members` WHERE `username`='$username' AND `password`='$password'"));

if($check == 1) {
	        $_SESSION['ELv2'] = $username;
	        if(session_register('ELv2')){
 	    $sql = mysql_query("UPDATE members SET ip ='{$_SERVER['REMOTE_ADDR']}' WHERE username='$username' LIMIT 1");
 	 	Header("Location: index.php");
 	}
 	else {
 	 	print "Cant set cookie";
 	}
}
else {
 	print "Sorry, username/password mismatch!";
}

}
else {
?>

Link to comment
Share on other sites

Please ignore that old code, I noticed I missed a ew things -.-' here it is currently...

 

include("header.php");
$eaglelegend = "eaglelegend.com"; //Your site url without http://
$eaglelegend2 = "www.eaglelegend.com"; //Type your domain with www. this time

$referer = $_SERVER['HTTP_REFERER'];

//Check if browser sends referrer url or not
if ($referer == "") //If not, set referrer as your domain
    $domain = $yoursite;
else
    $domain = parse_url($referer); //If yes, parse referrer

if($domain['host'] == $eaglelegend || $domain['host'] == $eaglelegend2) {
    //Run your dowloading code here normally
} else {
    //The referrer is not your site, we redirect to your home page
    header("Location: http://www.eaglelegend.com");
    exit(); //Stop running the script
}

 

however the site is showing me this...

 

Parse error: syntax error, unexpected '}' in /misc/39/000/171/334/2/user/web/eaglelegend.com/login.php on line 24

Link to comment
Share on other sites

this is 45, code, up to just before the begining of the form.

<?php
include("header.php");
$eaglelegend = "eaglelegend.com"; //Your site url without http://
$eaglelegend2 = "www.eaglelegend.com"; //Type your domain with www. this time

$referer = $_SERVER['HTTP_REFERER'];

//Check if browser sends referrer url or not
if ($referer == "") //If not, set referrer as your domain
    $domain = $yoursite;
else
    $domain = parse_url($referer); //If yes, parse referrer

if($domain['host'] == $eaglelegend || $domain['host'] == $eaglelegend2) {
    //Run your dowloading code here normally
} else {
    //The referrer is not your site, we redirect to your home page
    header("Location: http://www.eaglelegend.com");
    exit(); //Stop running the script
}

         @$username = strip_tags(stripslashes($_POST['username'])); //assuming 'username' is the name of your form var
         @$password = strip_tags(stripslashes(md5($_POST['password']))); // ditto on 'password'
}

if($username && $password) {
$check = mysql_num_rows(mysql_query("SELECT * FROM `members` WHERE `username`='$username' AND `password`='$password'"));

if($check == 1) {
	        $_SESSION['ELv2'] = $username;
	        if(session_register('ELv2')){
 	    $sql = mysql_query("UPDATE members SET ip ='{$_SERVER['REMOTE_ADDR']}' WHERE username='$username' LIMIT 1");
 	 	Header("Location: index.php");
 	}
 	else {
 	 	print "Cant set cookie";
 	}
}
else {
 	print "Sorry, username/password mismatch!";
}

}
else {
?>

Link to comment
Share on other sites

<?php
include("header.php");
$eaglelegend = "eaglelegend.com"; //Your site url without http://
$eaglelegend2 = "www.eaglelegend.com"; //Type your domain with www. this time

$referer = $_SERVER['HTTP_REFERER'];

//Check if browser sends referrer url or not
if ($referer == "") //If not, set referrer as your domain
    $domain = $yoursite;
}
else
    $domain = parse_url($referer); //If yes, parse referrer
}
if($domain['host'] == $eaglelegend || $domain['host'] == $eaglelegend2) {
    //Run your dowloading code here normally
} else {
    //The referrer is not your site, we redirect to your home page
    header("Location: http://www.eaglelegend.com");
    exit(); //Stop running the script
}

         @$username = strip_tags(stripslashes($_POST['username'])); //assuming 'username' is the name of your form var
         @$password = strip_tags(stripslashes(md5($_POST['password']))); // ditto on 'password'


if($username && $password) {
$check = mysql_num_rows(mysql_query("SELECT * FROM `members` WHERE `username`='$username' AND `password`='$password'"));

if($check == 1) {
	        $_SESSION['ELv2'] = $username;
	        if(session_register('ELv2')){
 	    $sql = mysql_query("UPDATE members SET ip ='{$_SERVER['REMOTE_ADDR']}' WHERE username='$username' LIMIT 1");
 	 	Header("Location: index.php");
 	}
 	else {
 	 	print "Cant set cookie";
 	}
}
else {
 	print "Sorry, username/password mismatch!";
}

}
else {
?>

You were missing 2 brackets

Link to comment
Share on other sites

Thanks but now...

 

Parse error: syntax error, unexpected '}' in /misc/39/000/171/334/2/user/web/eaglelegend.com/login.php on line 11

 

<?php
include("header.php");
$eaglelegend = "eaglelegend.com"; //Your site url without http://
$eaglelegend2 = "www.eaglelegend.com"; //Type your domain with www. this time

$referer = $_SERVER['HTTP_REFERER'];

//Check if browser sends referrer url or not
if ($referer == "") //If not, set referrer as your domain
    $domain = $yoursite;
}
else
    $domain = parse_url($referer); //If yes, parse referrer
}
if($domain['host'] == $eaglelegend || $domain['host'] == $eaglelegend2) {
    //Run your dowloading code here normally
} else {
    //The referrer is not your site, we redirect to your home page
    header("Location: http://www.eaglelegend.com");
    exit(); //Stop running the script
}

         @$username = strip_tags(stripslashes($_POST['username'])); //assuming 'username' is the name of your form var
         @$password = strip_tags(stripslashes(md5($_POST['password']))); // ditto on 'password'


if($username && $password) {
$check = mysql_num_rows(mysql_query("SELECT * FROM `members` WHERE `username`='$username' AND `password`='$password'"));

if($check == 1) {
	        $_SESSION['ELv2'] = $username;
	        if(session_register('ELv2')){
 	    $sql = mysql_query("UPDATE members SET ip ='{$_SERVER['REMOTE_ADDR']}' WHERE username='$username' LIMIT 1");
 	 	Header("Location: index.php");
 	}
 	else {
 	 	print "Cant set cookie";
 	}
}
else {
 	print "Sorry, username/password mismatch!";
}

}
else {
?>

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.