Jump to content

Recommended Posts

I can't find a reason why this wont work in a safari browser??? It works in FF, but the browser shouldnt matter as everyone should know. Does it have to do with using HTTP_REFERER?

<?php

$site ="http://www.site.com/";
if ($_SERVER["HTTP_REFERER"] == $site."account.php"){$edit = 1;}
if ($_SERVER["HTTP_REFERER"] == $site."gallery.php"){$edit = 0;}
?>

<?php if ($edit == 1){?>
<form action="test.php" method="post">
<input name="test" type="text" value="<?php echo $title; ?>"><br><br><br>
</form>
<?php } ?>
<?php if ($edit == 0){echo "<h2>$title</h2>"; } ?>

Link to comment
https://forums.phpfreaks.com/topic/57365-solved-not-working-in-safari/
Share on other sites

I have a program that works in all browsers except opera. It's truly bizarre isn't it. HTTP_REFERER will give info about where a person came from. So if they came from your page (http://www.site.com, then that is fine, but if for some reason they follow a link from an outside source, like a search engine, this code would break your site. You should think about that.

 

Unfortunately $HTTP_REFERER is not foolproof. Some browsers do not send this information, or can be made to send false information. You should keep this in mind when working with $HTTP_REFERER.

The only way the script works is if they came from within the site. I didnt want to post the whole thing because I knew that was the part that wasn't working in safari. (its not actually site.com but i have some stuff thats not secure on the actuall site so i didnt post it)

 

When i just echo $_SERVER["HTTP_REFERER"] in safari it works fine, but when Im using in that if statement its just not going. It seems like $edit is always being set to 0 in safari. Am I missing something there?

Here is the whole code. This is driving me nuts I cant figure out why It is not working in safari. Maybe someone has a better solution for what I am trying to do. Basically, when the page is accessed from gallery.php(which is public) it displays the information. When the page is accessed from account.php(which is private) the user is supposed to be allowed to edit the information. The reason I am not just doing it by using the session data is because I wanted the links on the page to redirect back where the user came from as well and other pages in the future might be linking there.


<?php 
session_start();
include("header.php");
include("db_connect.php");

$query = "SELECT * FROM pic WHERE id = $_GET[id]";

query_db($query);
$row = mysql_fetch_array($result);
extract($row);
//this part not working
$site ="http://www.wiuartinny.com/";
if ($_SERVER["HTTP_REFERER"] == $site."account.php"){$edit = 1;}
if ($_SERVER["HTTP_REFERER"] == $site."gallery.php"){$edit = 0;}
//end of what isnt working
?>
<div id="gallerynav">
<?php echo $_SERVER["HTTP_REFERER"]; ?>
<?php 
if ($edit == 0){?>
<a href="gallery.php"> Go back to the gallery </a>
<?php
}  
elseif ($edit == 1){
?>
<a href="account.php"> Go back to my account </a>
<?php } ?>
</div>
<div id="gallery">
<div id="galfloatleft">
<?php if ($edit == 1){?>
<form action="test.php" method="post">
<input name="test" type="text" value="<?php echo $title; ?>"><br><br><br>
</form>
<?php } ?>
<?php if ($edit == 0){echo "<h2>$title</h2>"; } ?>

</div>
<div id="galfloatright">
<br>
<a href="#">Prev</a> | <a href="#">Next</a>
</div>
</div>
<div id="gallerynav">
In this photo:<br />
<br />
<br />
</div>
<div id="gallery">
<img id="larger"  src="<?php echo "uploads/$file"; ?>">
</div>
<div id="gallery">
<h3>Comments</h3>
<hr />
No Comments Yet
<br /><br />
</div>
<?php
include("footer.php");
?>

if you use a session, you could have a session variable that takes on the value of the page it was on, and the next time it goes to a page it would have the variable set:

 

The refering page would set this:

$_SESSION['lastPage'] = 'http://www.whatever.com';

 

Then your script would simply check that session variable, and you could use it something like this:

if ($_SESSION['lastPage'] == 'http://www.whatever.com'){

//do something

}

So is there another way to track what page the user came from? Well I know there probably is, but do you have a suggestion for good secure alternative?

 

No reliable way. If they had to be on a certain page on YOUR site than yes you can track that. But if you are only relying on the referrer I can easily use any browser and manually set the HTTP_REFERER setting to that site and access your site.

 

I would highly suggest finding a different method or store a session variable if they should be coming from a page on your site.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.