referer

derksj

can someone tell me what is wrong with this code

<?
if
($_SERVER['HTTP_REFERER']!="http://www.domain.com/pg/docviewer.php?action=view&doc=12584")
{
echo ("wrong");
}
else
{
echo ("ok");
}
?>

drawmack

can someone tell me the error they are getting

derksj

The problem is i dont want that people go direct to my page
http://www.domain.com/test.php but only via http://www.domain.com/pg/docviewer.php?action=view&doc=12584

when i do come to my page

http://www.domain.com/test.php via

http://www.domain.com/pg/docviewer.php?action=view&doc=12584

i get "wrong" (i should expect "ok")

when i type the the url

http://www.domain.com/test.php in the browser

so i dont come via

http://www.domain.com/pg/docviewer.php?action=view&doc=12584

i get "wrong" ( i expect "wrong")

drawmack

try echoing out the referer so you can see exactly what's going on. Though I think a better way to do this is to check for a query string value being passed as it allows you more functionality in calling the script.

derksj

i am very new to php

what do you mean with

"to check for a query string value being passed "
maybe you can give me an example how i can check where someone comes from

drawmack

you are checking the referer properly

what I would do to see what's going on is

echo _SERVER['HTTP_REFERER'] . "<BR />";

then you'll know why your if loop is failing.

When I said check a query string parameter I ment do something like this:

in calling script

echo "<a href=\"mypage.php?valid=";
echo md5("mypage.php");
echo "\">My Page</a>\n";

in mypage.php

if($_GET['valid'] == md5('mypage.php')) {
// allowed to access
} else {
  //not allowed to access
} //end if

this allows you to be able to call this script from anywhere easily and people can email links to it to their friends and have them work but people can't just type in or link to mypage.php.

derksj

i found out what went wrong

i use a redirect script from one to the other page
but when you redirect $_referer doesnt work anymore

drawmack

Originally posted by derksj
i found out what went wrong

i use a redirect script from one to the other page
but when you redirect $_referer doesnt work anymore

but the method that I showed for using a querystring would.

You could do the redirect in php instead of js and then your referer will still work.

derksj

hehe :-)

the problem with your last solution is

the page i use my redirect on only can be written in javascript or html
php is not alowd

grrr