Destramic Posted December 15, 2014 Share Posted December 15, 2014 hey guys im making a script where the user gets redirected...but im wanting to make sure the redirection is within the same domain and not being shipped off to another site when using ($_SERVER['HTTP_REFERER']) now what im using seems to do the trick but im wondering if there is a better method of doing this?...i dont want to use regex either thank you guys <?php $match = strpos("http://127.0.0.1/login", $_SERVER['SERVER_NAME']); if ($match && $match > 0 || $match === 0) { echo "domain match"; } ?> Quote Link to comment https://forums.phpfreaks.com/topic/293117-domain-match/ Share on other sites More sharing options...
QuickOldCar Posted December 15, 2014 Share Posted December 15, 2014 (edited) I guess this depends on how are actually doing it. $_SERVER['HTTP_REFERER'] can be spoofed You can do a check what the ip is though $remote_ip = $_SERVER['REMOTE_ADDR']; if (strstr($remote_ip, ', ')) { $ips = explode(', ', $remote_ip); $remote_ip = $ips[0]; } if($remote_ip == "192.168.1.2"){ //use servers ip echo "from my server"; } Edited December 15, 2014 by QuickOldCar Quote Link to comment https://forums.phpfreaks.com/topic/293117-domain-match/#findComment-1499674 Share on other sites More sharing options...
Destramic Posted December 16, 2014 Author Share Posted December 16, 2014 thank you for your post i got what i was after using if ($_SERVER['SERVER_NAME'] === parse_url($url, PHP_URL_HOST ) ) { return true; } thank you again Quote Link to comment https://forums.phpfreaks.com/topic/293117-domain-match/#findComment-1499777 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.