Stop URL Editing

ZoundZ

This is my first post, so hello. 🙂

I was hoping someone had an idea on how to do this, because even though I'm a decent with PHP, I have no idea how it's done. I want to make it so people can enter in my website URL(like this : www.mysite.com/) , but, I want to make it so that if they enter in something after the slash(like this: mysite.com/blah.php) they get an error. Anyone know how this can be done? I want them to access blah.php, but only by a link on my website, not by entering it in themselves.

Thanks in advance for any help I receive. 😃

Piranha

I can think of two ways to solve this problem.

The first one is to use post requests, then it is not possible to enter with just the url. Of course, it is not always possible, especially not if you use normal links.

The second one is a little bit harder to implement, but will work better as well. Use a session variable that is checked whenever a person is accessing your site. If the variable is not set you could add a variable or remove the get variables to direct the user to the first page. Don't forget to set the variable when you enter the page.

Horizon88

I would think this would need to be something with Apache using mod_rewrite, more than a PHP solution, seeing as going to /blah.php, if it doesn't exist, no PHP code will be run. The only other solution I could think of would be making a custom 404 page with PHP code in it, but I would think Apache would be the direction I'd point you.

rsmith

I would have the index page create a session like Pirahna suggsted and on each subsequent page check to see if the session cookie exists, if it doesn't then use a header call to redirect them to the index page:

On the index page:

<?
     session_start();
     $_SESSION['view'] = 1;
?>

The first code on each subsequent page

<?
     if(!isset($_SESSION['view'])){
          header ("Location: /index.php");
     }
?>

This would work fairly well for what you want because they have to visit the index.php file to create the session and the session variable 'view'. Once they do then the info is retained for as long as they have their browser open. Once the close it and try to go back to a direct page, the browser will redirect them because $_SESSION['view'] isn't set. This, of courses, requires that your php.ini configuration file is set to expire all sessions on browser close. To check open php.ini and make sure you have this line:

session.cookie_lifetime = 0

Hope this helps!

bradmasterx

This was my query at one point and i have now got it use ajax, http://destroyer.ismywebsite.com/onepage/ To see the example.

Horizon88

I would have the index page create a session like Pirahna suggsted and on each subsequent page check to see if the session cookie exists, if it doesn't then use a header call to redirect them...

And if the page they go to doesn't exist, and they're just poking around? Or they go to a page other than the index page first?

NogDog

Perhaps you should start by answering these questions: Why do you want to make your web interface non-standard? Why should users to your site not be able to bookmark internal pages, and then go directly back to them at a later time via that bookmark? What is special about your site that potentially annoying your visitors with an abnormal user experience is worth it?

I'm not saying you may not have perfectly valid reasons, just that it's a good idea to make sure they are good reasons before going to all this trouble. Also, understanding your reasons may lead us to provide an alternate solution to the underlying need that you have not thought of yet.

rsmith

And just so you know, you're no right click script doesn't work. It shows the alert but I can still right-click.

bradgrafelman

rsmith wrote:
And just so you know, you're no right click script doesn't work

Not that any no-right-click script works... :p

rsmith

Well yeah, that goes without saying, haha.