contra10 Posted March 2, 2009 Share Posted March 2, 2009 I've allowed paypal to redirect to a page after a payment has been made to a particular page. How do i protect that page or find a way so that if the user is logged in he/she can't just type in the url and access the page. My first idea is create a value in sql and one payment is made the redirection page changes that value to "true". But if i can allow a user to pay more than once and the variable is already set to true, wouldn't it cause problems? Link to comment https://forums.phpfreaks.com/topic/147504-authentic-url/ Share on other sites More sharing options...
contra10 Posted March 2, 2009 Author Share Posted March 2, 2009 perhaps if i set another cookie? session? Link to comment https://forums.phpfreaks.com/topic/147504-authentic-url/#findComment-774309 Share on other sites More sharing options...
xerodefect Posted March 2, 2009 Share Posted March 2, 2009 You can do this many ways. Ill just give you some methods. Method 1: Cookies. I dont reccomend this because if a browser dont have cookies enable then it wont work... Method 2: Sessions Page not allowed to redirect <?php session_start(); if($_SESSION['is_redirected'] != true) { die("You have to be redirected to this page."); } ?> and on the other pages add <?php session_start(); if(! isset($_SESSION['is_redirected'])) { $_SESSION['is_redirected'] = true; } ?> Method 3: Check if the referer is empty? $_SERVER['HTTP_REFERER'] I also don't recommend this way either. Link to comment https://forums.phpfreaks.com/topic/147504-authentic-url/#findComment-774341 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.