chauffeur Posted November 10, 2009 Share Posted November 10, 2009 at the top of your screen now, you can see the address of the page. The URL and directories in which this page resides. I need to go to a page from my website but don't want anyone to see where it is stored. I don't want anyone to be able to bookmark and return to the page. I want them to pass through the website's terms-conditions.php page before they can access it. Is there a script for this or can you write it for me? Please help .... but then, I don't think anyone here can. Prove me wrong please. Quote Link to comment Share on other sites More sharing options...
mattal999 Posted November 10, 2009 Share Posted November 10, 2009 Heres what you do. 1. Make the main url an a holder page, containing just an IFRAME that is 100% width and height. 2. Set the IFRAME src to terms-conditions.php. 3. Make the page that is secret a clickthrough from terms-conditions.php with a unique key set randomly in the url AND as a session by the terms-conditions.php page. 4. On the next page, check to see if the key in the url matches the session, and if it does destroy the session, and if it doesn't then destroy the session and redirect them via Header("");. And, as sessions are killed when the browser is closed, once they visit the page once, and they navigate away if they try and go back to it the key will not be set and they will be redirected. Just an idea. Quote Link to comment Share on other sites More sharing options...
Mchl Posted November 10, 2009 Share Posted November 10, 2009 Err.. mod_rewrite with unique token? Quote Link to comment Share on other sites More sharing options...
uancletus Posted November 10, 2009 Share Posted November 10, 2009 Fairly basic if you aren't looking for anything fancy... <? if (!isset($_POST['passterms'])) { //include('terms-conditions.php'); echo 'TERMS AND CONDITIONS GO HERE'; // You may also include the terms and conditions as seen on the line above. echo '<form action="" method="POST">'; echo '<input type="submit" name="passterms" value="Continue" />'; echo '</form>'; } else { //include('page2.php'); echo 'YOUR OTHER PAGE IS HERE'; // You may also include the second file here, as seen on the line above. } ?> Note that this is real basic and the user will have to click continue every time they visit the web page. Quote Link to comment Share on other sites More sharing options...
Alex Posted November 10, 2009 Share Posted November 10, 2009 Never use $_SERVER['PHP_SELF'] as a form action, it leaves you vulnerable to XSS attacks. If you want to set the action to the same page just leave action blank (action=""). Quote Link to comment Share on other sites More sharing options...
mikesta707 Posted November 10, 2009 Share Posted November 10, 2009 I would go with mod rewrite, but anyone can just view source the page, and see the source of the iframe Quote Link to comment Share on other sites More sharing options...
uancletus Posted November 10, 2009 Share Posted November 10, 2009 If you want to set the action to the same page just leave action blank (action=""). Indeed, bad habits... I modified the code above... Quote Link to comment Share on other sites More sharing options...
otuatail Posted November 10, 2009 Share Posted November 10, 2009 Could you not use SESSIONS so that that the information is not passed. Not sure what you need, but you can prevent access to a page if not looged in so this is one way around it. You can still book mark the page but get nowhere and in php re-direct to a go away page. Desmond. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.