server vars, http_referer...

olaf

Hallo,

I want to show some text if the script is requested outside the root (for example from the site of a customer).

Because I have to handle more than one (10) different domains. on my site I don't want check all domains against the http_referer.

I there another way (maybe some other server var)?

YappyDog

Set a session variable on your pages. If they link in from outside your pages, the session variable won't be there.

olaf

Hallo,

Thanks for your response, but it likes me not enough because I have to show the text if the variable does not exist. What's if a session not exists while linking on the site?

YappyDog

Just set a session variable with any name you choose. Then on the pages you are concerned about, check to see if the session variable contains the value you assigned to it. If not, then don't let them in.

if ($_SESSION["FromMyPages"] <> "Yes") {
echo "GO AWAY!";
exit;
}

Shrike

function putThisInYourPage(){
  session_start();
  if(!isset($_SESSION['yourvar'])){
    print("You didn't link from inside the site.");
  }else{
    print("You did link from inside the site.");
  }
}

function thisNeedsToBeSetBySomeLogin(){
  if($loginok){
    session_start();
    $_SESSION['yourvar'] = 1;
  }
}

I guess something like this. Of course it requires you to use sessions, but they are very handy so wth 🙂

olaf

Hello,

I know how to set sessions...

i asked for an other solution wih maybe a server variable...

Shrike

There are a few server variables that you can use, HTTP_REFERER being the most obvious, but not all that reliable. If you know what pages the user should be coming from you can check for that. Take a look at the $GLOBALS array for more info.

Sessions should be already configured if you have a standard PHP installation. You need to call session_start() before doing anything. After that variables can be added to the $_SESSION array simply by assigning them. Then in subsequent page accesses you can check for their existence. By default PHP uses file-based sessions but you can use a database with session_set_save_handler() if your feeling brave 😉

HTH