Jump to content

Http_referer?


ivalea

Recommended Posts

Hello,
A while ago I thought that I read somewhere that HTTP_REFERER could be used to make sure that visitors are coming from a certain page. For example, I want visitors to not gain acces to 2.php unless they've clicked on a link to it from 1.php. I thought that I could use something like:
[code]
<?php

if ($_SERVER['HTTP_REFERER'] != "http://domain.com/1.php") {
    
    header("Location: http://www.domain.com/2.php");

}
?>[/code]

But that is not working. Even when clicking on the link placed in 1.php, 2.php never loads. Any insight on how to accomplish this would be so appreciated. Thanks!
Link to comment
Share on other sites

I log $_SERVER['HTTP_REFERER'] to every visitor to my site, and have found that you often times do not get anything in that data field... don't know if it depends on what os they have or what...

I don't think you can do what you are doing reliably unless on an intranet

[!--quoteo(post=388884:date=Jun 28 2006, 12:08 PM:name=ivalea)--][div class=\'quotetop\']QUOTE(ivalea @ Jun 28 2006, 12:08 PM) [snapback]388884[/snapback][/div][div class=\'quotemain\'][!--quotec--]
Hello,
A while ago I thought that I read somewhere that HTTP_REFERER could be used to make sure that visitors are coming from a certain page. For example, I want visitors to not gain acces to 2.php unless they've clicked on a link to it from 1.php. I thought that I could use something like:
[code]
<?php

if ($_SERVER['HTTP_REFERER'] != "http://domain.com/1.php") {
    
    header("Location: http://www.domain.com/2.php");

}
?>[/code]

But that is not working. Even when clicking on the link placed in 1.php, 2.php never loads. Any insight on how to accomplish this would be so appreciated. Thanks!
[/quote]
Link to comment
Share on other sites

[!--quoteo(post=388907:date=Jun 28 2006, 12:10 PM:name=ivalea)--][div class=\'quotetop\']QUOTE(ivalea @ Jun 28 2006, 12:10 PM) [snapback]388907[/snapback][/div][div class=\'quotemain\'][!--quotec--]
Thanks nogray - I'll give that a try. So is there any other way to accomplish this using PHP?
[/quote]

It's a browser setting, people can turn off http_referer information in their browser.

Yes, there are numerous ways to control content access. One way could be to add a hidden form field with a default value on page 1 (your next button would be a submit button), then on page 2 you could have the script reset the header if that hidden variable doesn't exist / isn't correct.

Personally, I wouldn't even bother with multiple php files, you can accomplish the same functionality all in one php script. Your script would first check which 'step' the user is on and grab the relavent content from a database (or hardcoded in conditional includes), at the end of the script you can reset which 'step' the user will go on to the next time the script reloads itself. The 'step' variable could be a session variable or a hidden field in POST.

hope that helps, there are many other ways to accomplish the same thing.

Curt
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.