contra10 Posted March 2, 2009 Share Posted March 2, 2009 I've allowed paypal to redirect to a page after a payment has been made to a particular page. How do i protect that page or find a way so that if the user is logged in he/she can't just type in the url and access the page. My first idea is create a value in sql and one payment is made the redirection page changes that value to "true". But if i can allow a user to pay more than once and the variable is already set to true, wouldn't it cause problems? Quote Link to comment Share on other sites More sharing options...
contra10 Posted March 2, 2009 Author Share Posted March 2, 2009 perhaps if i set another cookie? session? Quote Link to comment Share on other sites More sharing options...
xerodefect Posted March 2, 2009 Share Posted March 2, 2009 You can do this many ways. Ill just give you some methods. Method 1: Cookies. I dont reccomend this because if a browser dont have cookies enable then it wont work... Method 2: Sessions Page not allowed to redirect <?php session_start(); if($_SESSION['is_redirected'] != true) { die("You have to be redirected to this page."); } ?> and on the other pages add <?php session_start(); if(! isset($_SESSION['is_redirected'])) { $_SESSION['is_redirected'] = true; } ?> Method 3: Check if the referer is empty? $_SERVER['HTTP_REFERER'] I also don't recommend this way either. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.