Jump to content

Recommended Posts

this is very simple: something like this:

 

PAGE 1

<?php
session_start();
$_SESSION['page_1'] = true;
echo "This is page 1";
echo '<br /><a href="page_2.php">Page 2</a>';
?>

 

PAGE 2

<?php
if (!isset($_SESSION['page_1'])){
header("Location: page_1.php");
}else{
echo "Welcome to page 2!";
}
?>

 

Hope that helps\works :P

Since 'HTTP_REFERER' is a header that is sent with the request for the page, if I was a bot script, I would simply set 'HTTP_REFERER' to be what your script is expecting and I could directly access page2 without ever visiting page1.

 

Using a session variable (something that is completely out of the hands of the visitor or bot script) is the most secure way to do this. The session variable should be unset() after you test it so that once someone (or a bot script) visits page1, they cannot repeatedly perform the action permitted on page2 without needing to go back to page1 to set the session variable again.

so did I tell him right?

 

this is very simple: something like this:

 

PAGE 1

<?php
session_start();
$_SESSION['page_1'] = true;
echo "This is page 1";
echo '<br /><a href="page_2.php">Page 2</a>';
?>

 

PAGE 2

<?php
if (!isset($_SESSION['page_1'])){
header("Location: page_1.php");
}else{
echo "Welcome to page 2!";
}
unset($_SESSION['page_1']);
?>

 

Hope that helps\works :P

so did I tell him right?

 

this is very simple: something like this:

 

PAGE 1

<?php
session_start();
$_SESSION['page_1'] = true;
echo "This is page 1";
echo '<br /><a href="page_2.php">Page 2</a>';
?>

 

PAGE 2

<?php
if (!isset($_SESSION['page_1'])){
header("Location: page_1.php");
}else{
echo "Welcome to page 2!";
}
unset($_SESSION['page_1']);
?>

 

Hope that helps\works :P

 

thanks. and thanks to everyone who posted. About "unset" when should that be used? unset is new to me

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.