Jump to content

Archived

This topic is now archived and is closed to further replies.

ivalea

Http_referer?

Recommended Posts

Hello,
A while ago I thought that I read somewhere that HTTP_REFERER could be used to make sure that visitors are coming from a certain page. For example, I want visitors to not gain acces to 2.php unless they've clicked on a link to it from 1.php. I thought that I could use something like:
[code]
<?php

if ($_SERVER['HTTP_REFERER'] != "http://domain.com/1.php") {
    
    header("Location: http://www.domain.com/2.php");

}
?>[/code]

But that is not working. Even when clicking on the link placed in 1.php, 2.php never loads. Any insight on how to accomplish this would be so appreciated. Thanks!

Share this post


Link to post
Share on other sites
I log $_SERVER['HTTP_REFERER'] to every visitor to my site, and have found that you often times do not get anything in that data field... don't know if it depends on what os they have or what...

I don't think you can do what you are doing reliably unless on an intranet

[!--quoteo(post=388884:date=Jun 28 2006, 12:08 PM:name=ivalea)--][div class=\'quotetop\']QUOTE(ivalea @ Jun 28 2006, 12:08 PM) [snapback]388884[/snapback][/div][div class=\'quotemain\'][!--quotec--]
Hello,
A while ago I thought that I read somewhere that HTTP_REFERER could be used to make sure that visitors are coming from a certain page. For example, I want visitors to not gain acces to 2.php unless they've clicked on a link to it from 1.php. I thought that I could use something like:
[code]
<?php

if ($_SERVER['HTTP_REFERER'] != "http://domain.com/1.php") {
    
    header("Location: http://www.domain.com/2.php");

}
?>[/code]

But that is not working. Even when clicking on the link placed in 1.php, 2.php never loads. Any insight on how to accomplish this would be so appreciated. Thanks!
[/quote]

Share this post


Link to post
Share on other sites
Try to print out your $_SERVER['HTTP_REFERER'] in the second page so you know exactly how it looks like (it could be http://domain.com or http://www.domain.com, etc)

Share this post


Link to post
Share on other sites
Thanks nogray - I'll give that a try. So is there any other way to accomplish this using PHP?

Share this post


Link to post
Share on other sites
[!--quoteo(post=388907:date=Jun 28 2006, 12:10 PM:name=ivalea)--][div class=\'quotetop\']QUOTE(ivalea @ Jun 28 2006, 12:10 PM) [snapback]388907[/snapback][/div][div class=\'quotemain\'][!--quotec--]
Thanks nogray - I'll give that a try. So is there any other way to accomplish this using PHP?
[/quote]

It's a browser setting, people can turn off http_referer information in their browser.

Yes, there are numerous ways to control content access. One way could be to add a hidden form field with a default value on page 1 (your next button would be a submit button), then on page 2 you could have the script reset the header if that hidden variable doesn't exist / isn't correct.

Personally, I wouldn't even bother with multiple php files, you can accomplish the same functionality all in one php script. Your script would first check which 'step' the user is on and grab the relavent content from a database (or hardcoded in conditional includes), at the end of the script you can reset which 'step' the user will go on to the next time the script reloads itself. The 'step' variable could be a session variable or a hidden field in POST.

hope that helps, there are many other ways to accomplish the same thing.

Curt

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.