[SOLVED] redirecting if not from specific url?

kyleldi · October 1, 2009

I'd like to make an IF statement making a page redirect if it's not being accessed via a certain page. Essentially something like this:

IF $referer does not equal mypage.php

redirect to retry.php

else

PHP Form

The problem is, I don't want to send the header too early or it won't work, so I'm having a hard time writing the script. Does anyone have any direction? Thank you!

cags · October 1, 2009

What do you mean by...

I don't want to send the header too early or it won't work

Surely it would just be something along the lines of...

<?php
if($_SERVER['HTTP_REFERER'] != "http://www.google.com") {
header("Location: http://www.yahoo.com");
}
?>

Unless I'm missing something?

SoN9ne · October 1, 2009

I used something like this once. In the array you could allow multiple sites if needed. This will check if the url is allowed, if not it will redirect. You should put this at the top of your file, before any info is sent to browser

if (isset($_SERVER['HTTP_REFERER'])) {
$allowDomains = array('http://mydomain.com');

if (!in_array($_SERVER['HTTP_REFERER'], $allowDomains)) {
	header('Location: http://somesite.com');		
}
}

kyleldi · October 1, 2009

The problem I need it to redirect if it's not coming from a specific url, otherwise if it is, I want it to echo. and the header has to be sent before anything else on the page if it's going to redirect, so it's where my problem lies.

cags · October 1, 2009

Still not seeing the problem....

<?php
if($_SERVER['HTTP_REFERER'] != "http://www.google.com") {
   header("Location: http://www.yahoo.com");
   exit();
}
?>
<!-- all the HTML in the world can go here -->

SoN9ne · October 1, 2009

You could pass a param through the url to an error page and have the page display an error/message switched off the param.

This is an old method I use to use, not recently tho.

ie: header('Location: http://somesite.com/error.php?code=1');

kyleldi · October 1, 2009

Using Cag's script:

<?php
if($_SERVER['HTTP_REFERER'] != "http://www.google.com") {
   header("Location: http://www.yahoo.com");
   exit();
}
?>
<!-- all the HTML in the world can go here -->

How would I add a second URL that's allowed as a referrer? I tried the array option posted here but I couldn't make it work, and after reading on php array, I don't see how i'm going to get it to work.

cags · October 1, 2009

If you wanted multiple URLS, then an array approach like the one SoN9ne suggested is the only sensible one. To show how you'd add multiple URLs.

<?php
if (isset($_SERVER['HTTP_REFERER'])) {
   $allowDomains = array('http://mydomain.com', 'http://www.google.com', 'http://example.com');
   
   if (!in_array($_SERVER['HTTP_REFERER'], $allowDomains)) {
      header('Location: http://somesite.com');      
   }
}
?>

mattal999 · October 1, 2009

<?php
$allowDomains = array('http://mydomain.com/', 'http://www.mydomain.com/', 'http://anotherdomain.com/', 'http://www.anotherdomain.com/'); // Make sure you have both www. and no www., because some sites can use both without a problem.
if (!in_array($_SERVER['HTTP_REFERER'], $allowDomains)) {
    header("Location: http://www.errrror.com/"); // Redirect.
    exit(); // Exit.
}
?>
<!-- all the HTML in the world can go here -->

EDIT: Beat me to it =[

kyleldi · October 1, 2009

Ok, that works, is there a way I can insert a varable? the page with this script is a form that posts to a db, and when it posts it resubmits the URL which is now order.php?code=1234 or some number. I added order.php but it's not the same. Is there a way to submit a wildcard?

mattal999 · October 1, 2009

Ok, that works, is there a way I can insert a varable? the page with this script is a form that posts to a db, and when it posts it resubmits the URL which is now order.php?code=1234 or some number. I added order.php but it's not the same. Is there a way to submit a wildcard?

This would work:

<?php
$allowDomains = array('mydomain.com', 'mydomain.com/order.php?id=1'); // Make sure you have both www. and no www., because some sites can use both without a problem.
$refererHit = false;
foreach($allowDomains as $domain) {
    if (stripos($_SERVER['HTTP_REFERER'], $domain) !== false) {
        $refererHit = true;
    }
}
if($refererHit === false) {
    header("Location: http://www.error.com/");
    exit();
}
?>
<!-- all the HTML in the world can go here -->

kyleldi · October 1, 2009

This would work if the id wasn't 1? that variable could be anywhere from 6-12 digits alpha-numerically.

mattal999 · October 1, 2009

This would work if the id wasn't 1? that variable could be anywhere from 6-12 digits alpha-numerically.

Well it would work if you just put order.php?id= or even just order.php (As in replace order.php?id=1 with order.php)

It just checks if the specified string is contained within the referer variable. So it compares:

http://www.domain.com/order.php?id=2 with "domain.com/order.php", which would return true and therefore stay on the page.

kyleldi · October 1, 2009

That's very useful information to me... Thank you very much!

Sign In

[SOLVED] redirecting if not from specific url?

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Archived

Important Information