Jump to content


Photo

Http_referer?


  • Please log in to reply
5 replies to this topic

#1 ivalea

ivalea
  • Members
  • PipPip
  • Member
  • 24 posts

Posted 28 June 2006 - 04:08 PM

Hello,
A while ago I thought that I read somewhere that HTTP_REFERER could be used to make sure that visitors are coming from a certain page. For example, I want visitors to not gain acces to 2.php unless they've clicked on a link to it from 1.php. I thought that I could use something like:
<?php

if ($_SERVER['HTTP_REFERER'] != "http://domain.com/1.php") {
    
    header("Location: http://www.domain.com/2.php");

}
?>

But that is not working. Even when clicking on the link placed in 1.php, 2.php never loads. Any insight on how to accomplish this would be so appreciated. Thanks!

#2 AV1611

AV1611
  • Members
  • PipPipPip
  • Advanced Member
  • 997 posts

Posted 28 June 2006 - 04:15 PM

I log $_SERVER['HTTP_REFERER'] to every visitor to my site, and have found that you often times do not get anything in that data field... don't know if it depends on what os they have or what...

I don't think you can do what you are doing reliably unless on an intranet

[!--quoteo(post=388884:date=Jun 28 2006, 12:08 PM:name=ivalea)--][div class=\'quotetop\']QUOTE(ivalea @ Jun 28 2006, 12:08 PM) View Post[/div][div class=\'quotemain\'][!--quotec--]
Hello,
A while ago I thought that I read somewhere that HTTP_REFERER could be used to make sure that visitors are coming from a certain page. For example, I want visitors to not gain acces to 2.php unless they've clicked on a link to it from 1.php. I thought that I could use something like:
<?php

if ($_SERVER['HTTP_REFERER'] != "http://domain.com/1.php") {
    
    header("Location: http://www.domain.com/2.php");

}
?>

But that is not working. Even when clicking on the link placed in 1.php, 2.php never loads. Any insight on how to accomplish this would be so appreciated. Thanks!
[/quote]


#3 nogray

nogray
  • Members
  • PipPipPip
  • Advanced Member
  • 930 posts
  • LocationSan Francisco CA

Posted 28 June 2006 - 04:44 PM

Try to print out your $_SERVER['HTTP_REFERER'] in the second page so you know exactly how it looks like (it could be http://domain.com or http://www.domain.com, etc)

NoGray.com


#4 ivalea

ivalea
  • Members
  • PipPip
  • Member
  • 24 posts

Posted 28 June 2006 - 05:10 PM

Thanks nogray - I'll give that a try. So is there any other way to accomplish this using PHP?


#5 curtis_b

curtis_b
  • Members
  • PipPipPip
  • Advanced Member
  • 48 posts

Posted 28 June 2006 - 09:02 PM

[!--quoteo(post=388907:date=Jun 28 2006, 12:10 PM:name=ivalea)--][div class=\'quotetop\']QUOTE(ivalea @ Jun 28 2006, 12:10 PM) View Post[/div][div class=\'quotemain\'][!--quotec--]
Thanks nogray - I'll give that a try. So is there any other way to accomplish this using PHP?
[/quote]

It's a browser setting, people can turn off http_referer information in their browser.

Yes, there are numerous ways to control content access. One way could be to add a hidden form field with a default value on page 1 (your next button would be a submit button), then on page 2 you could have the script reset the header if that hidden variable doesn't exist / isn't correct.

Personally, I wouldn't even bother with multiple php files, you can accomplish the same functionality all in one php script. Your script would first check which 'step' the user is on and grab the relavent content from a database (or hardcoded in conditional includes), at the end of the script you can reset which 'step' the user will go on to the next time the script reloads itself. The 'step' variable could be a session variable or a hidden field in POST.

hope that helps, there are many other ways to accomplish the same thing.

Curt

#6 .josh

.josh
  • Staff Alumni
  • .josh
  • 14,871 posts

Posted 29 June 2006 - 07:00 AM

make a session variable with a certain value on page1.php and check for it in page2.php
Did I help you? Feeling generous? Buy me lunch! 
Please, take the time and do some research and find out how much it would have cost you to get your help from a decent paid-for source. A "roll-of-the-dice" freelancer will charge you $5-$15/hr. A decent entry level freelancer will charge you around $15-30/hr. A professional will charge you anywhere from $50-$100/hr. An agency will charge anywhere from $100-$250/hr. Think about all this when soliciting for help here. Think about how much money you are making from the work you are asking for help on. No, we do not expect you to pay for the help given here, but donating a few bucks is a fraction of the cost of what you would have paid, shows your appreciation, helps motivate people to keep offering help without the pricetag, and helps make this a higher quality free-help community :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users