Jump to content

[SOLVED] redirecting if not from specific url?


kyleldi

Recommended Posts

I'd like to make an IF statement making a page redirect if it's not being accessed via a certain page.  Essentially something like this:

 

IF $referer does not equal mypage.php

 

redirect to retry.php

 

else

 

PHP Form

 

The problem is, I don't want to send the header too early or it won't work, so I'm having a hard time writing the script.  Does anyone have any direction?  Thank you!

What do you mean by...

 

I don't want to send the header too early or it won't work

 

Surely it would just be something along the lines of...

 

<?php
if($_SERVER['HTTP_REFERER'] != "http://www.google.com") {
header("Location: http://www.yahoo.com");
}
?>

 

Unless I'm missing something?

I used something like this once. In the array you could allow multiple sites if needed. This will check if the url is allowed, if not it will redirect. You should put this at the top of your file, before any info is sent to browser

 

if (isset($_SERVER['HTTP_REFERER'])) {
$allowDomains = array('http://mydomain.com');

if (!in_array($_SERVER['HTTP_REFERER'], $allowDomains)) {
	header('Location: http://somesite.com');		
}
}

The problem I need it to redirect if it's not coming from a specific url, otherwise if it is, I want it to echo.  and the header has to be sent before anything else on the page if it's going to redirect, so it's where my problem lies.

You could pass a param through the url to an error page and have the page display an error/message switched off the param.

This is an old method I use to use, not recently tho.

 

ie: header('Location: http://somesite.com/error.php?code=1');

Using Cag's script:

 

<?php
if($_SERVER['HTTP_REFERER'] != "http://www.google.com") {
   header("Location: http://www.yahoo.com");
   exit();
}
?>
<!-- all the HTML in the world can go here -->

 

How would I add a second URL that's allowed as a referrer?  I tried the array option posted here but I couldn't make it work, and after reading on php array, I don't see how i'm going to get it to work.

If you wanted multiple URLS, then an array approach like the one SoN9ne suggested is the only sensible one. To show how you'd add multiple URLs.

 

<?php
if (isset($_SERVER['HTTP_REFERER'])) {
   $allowDomains = array('http://mydomain.com', 'http://www.google.com', 'http://example.com');
   
   if (!in_array($_SERVER['HTTP_REFERER'], $allowDomains)) {
      header('Location: http://somesite.com');      
   }
}
?>

<?php
$allowDomains = array('http://mydomain.com/', 'http://www.mydomain.com/', 'http://anotherdomain.com/', 'http://www.anotherdomain.com/'); // Make sure you have both www. and no www., because some sites can use both without a problem.
if (!in_array($_SERVER['HTTP_REFERER'], $allowDomains)) {
    header("Location: http://www.errrror.com/"); // Redirect.
    exit(); // Exit.
}
?>
<!-- all the HTML in the world can go here -->

 

EDIT: Beat me to it =[

Ok, that works, is there a way I can insert a varable?  the page with this script is a form that posts to a db, and when it posts it resubmits the URL which is now order.php?code=1234 or some number.  I added order.php but it's not the same.  Is there a way to submit a wildcard?

Ok, that works, is there a way I can insert a varable?  the page with this script is a form that posts to a db, and when it posts it resubmits the URL which is now order.php?code=1234 or some number.  I added order.php but it's not the same.  Is there a way to submit a wildcard?

 

This would work:

 

<?php
$allowDomains = array('mydomain.com', 'mydomain.com/order.php?id=1'); // Make sure you have both www. and no www., because some sites can use both without a problem.
$refererHit = false;
foreach($allowDomains as $domain) {
    if (stripos($_SERVER['HTTP_REFERER'], $domain) !== false) {
        $refererHit = true;
    }
}
if($refererHit === false) {
    header("Location: http://www.error.com/");
    exit();
}
?>
<!-- all the HTML in the world can go here -->

This would work if the id wasn't 1?  that variable could be anywhere from 6-12 digits alpha-numerically. 

 

Well it would work if you just put order.php?id= or even just order.php (As in replace order.php?id=1 with order.php)

 

It just checks if the specified string is contained within the referer variable. So it compares:

 

http://www.domain.com/order.php?id=2 with "domain.com/order.php", which would return true and therefore stay on the page.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.