Hello all,
Okay i'm aware that http_referer is not reliable so i devised a solution that is good enough for me (of course if you have a better solution please let me know).
The problem i was having was most of the http_referer ended up displaying the url to my site or an empty string so i wrote this bit of code:

<?php
if(!isset($_COOKIE["fhttp_referer"]))
	setcookie("fhttp_referer", $_SERVER['HTTP_REFERER'], time()+86400); 

....

if($_COOKIE["fhttp_referer"] == "" || preg_match("/http:\/\/www.mysite.com/i", $_COOKIE["fhttp_referer"])) //if http_referer is undetected ask where they are from
			{ //ask 
}

.....

if(isset($_POST['fhttp_referer']))
				$_SESSION['fhttp_referer'] = $_POST['fhttp_referer'];

// then were it gets entered into the database

if(isset($_SESSION['fhttp_referer'])) $http_referer = $_SESSION['fhttp_referer'];
	else $http_referer = $_COOKIE["fhttp_referer"];

?>

However there seems to be a bug in this code and now most of what gets through is still empty or has my url. What do you guys think? (this is probably pretty unclear so let me know if i can clarify)

Thanks in adavnce
-emrys

    Okay, this is driving me up the wall and its very hard to test. Anyone have any ideas?

    Thanks in advance
    -emrys

      It's because in you're code you're checking my referrer and setting the cookie before you check to see if I've filled out the form. So I come in, then fill out the form and click submit. Instead of reading my entered value you read your site from my new http_referer and insert that into the database.

        Write a Reply...