server_name is your server, and should be set by your web server and be completely independent of the user (to the best of my knowledge). Generally speaking, any of the "HTTP_*" values are dependent upon the client (browser) sending them to you, so you can never really depend on them always being present.

Thank you NogDog.

Is there any another way how find out which domain user is using on my website?

Maybe [man]gethostname/man?

Fatal error: Call to undefined function gethostname()

I guess gethostname(); couldn't help anyway because php manual says:

gethostname() gets the standard host name for the local machine.

So, it will get the server host name and not the domain name. I have several domains:

domain.com
domain.net
domain.es

pointing to the same website. I need to detect which domain is using each user.

I changed the script to:

$userhost = getenv("HTTP_HOST");

It works but the same problem - not for all users.

I just received a support request from an user where $userhost detected by the script is:

www.mydomain

(without any TLD). I wonder how is it possible what user enters my website using domain name without any TLD.

As I understand, there is no way how to detect which domain name are using people on your website because all known methods will work only for some users?

If it's true, things like setting default language depending of the domain name or redirecting users depending of the domain name will not work correctly.

For years I was showing different content depending of the domain name but now I am shocked to find out that it doesn't work at all. :mad::mad::mad:

as NogDog said all HTTP* come from the visitor, i could set my host to show "MARS", as it is its striped for security by my firewall.

HTTP is a stateless protocol, all visits are with out "baggage" as to the past location of the visitor

dagon, thank you for your reply. I still don't understand how is it possible.

An example. I want to access website www.mydomain.com. I open browser and type: www.mydomain.com. After checking DNS records, my request will be sent, lets say, to the server 123.456.789.000. I will be able to open the requested website only in case if server 123.456.789.000 contains this website. This will be checked in Apache config file.

So, how can I open in my browser website www.mydomain.com by sending request "mars" or something like that? It's not possible.

Thanks.

So, can anyone show me an example how can I enter website www.mydomain.com telling php that HTTP_HOST is something different than www.mydomain.com ?

I just wonder how is it possible.

Thanks.

its nothing to do with php, HTTP_HOST comes form the client

Try HTTP_REFERER

Or use a hidden field in the form with the domain already entered.

Krik;10964430 wrote:

Try HTTP_REFERER

no, all the HTTP* headers can be faked

REFERER is more commonly faked than the others, my fire wall strips it out by default.

no, all the HTTP* headers can be faked

How? I ask the same question in several forums but noone can't show an example how HTTP headers can be faked.

How can I enter some website with faked HTTP_HOST??

This is a big problem for me. I have domins:
mywebsite.es
mywebsite.de
mywebsite.se

If user enters mywebsite.es, the content is in Spanish for Spanish people. If user enters mywebsite.de, the content is in German for German people. If user enters website with faked HTTP_HOST, he/she will get wrong content.

And what is the reason to use faked HTTP_HOST? Maybe I should just block all users who want to hide something?

I have been following this thread and I don't really understand why it is a problem

I have a site with three language versions - but each is in a different sub directory on the server
(I think your three are all pointing to the single root directory)

if the user gets the wrong language there is a country flag at top of the page
that points to the correct language directory
the site has been like this for four years and no one has complained they cannot get the correct langauge

I couldn't care less if somebody fakes anything - why does it matter to the site?

can't you add a session variable set by the page being acccessed?

This can be actually made pretty easy. as the one before me said. use session or a cookie. everything that will simply differ from the other.

This can be actually made pretty easy.

Many people say it's easy but noone can show an example how is it possible.

I have been following this thread and I don't really understand why it is a problem

It's a problem because depending of the domain, my website shows different language and different content. For example:

www.datinginspain.es - Spanish dating website in Spanish language
www.datingingermany.de - German dating website in German language

So, I have to set one of these websites as default (if user enters without HTTP_HOST information). Let's say www.datinginspain.es will be the default website.

Now, when an user from Germany enters www.datinggermany.de without HTTP_HOST, he/she sees Spanish dating website. This user will leave my website.

If users without HTTP_HOST or fake HTTP_HOST take some measures to hide this information, it's not a problem - I don't want users who have something to hide.

But if wrong HTTP_HOST is changing accidentally, it's aproblem because I am losing users.

How about using a redirect? So www.datinginspain.es goes to www.datinginspain.es/esindex.php sets a session or cookie and immediately redirects to esindex1.php (or whatever you want to call your files). The rest of the website is then in the correct language.

I DO understand your problem but I think you can work around it:

as I said before:

I think your three are all pointing to the single root directory Yes?

on mine each is in a different sub directory on the server
and if the user gets the wrong language there is a country flag at top of the page that points to the correct language directory

What is wrong with little icon flags - that is if you do not want to re-arrange directory structure?

my site has been like this for four years and no one has complained they cannot get the correct langauge

cretaceous, yes, all domains are all pointing to the single root directory.

Yes, I can put country flags, but I think that many people will just leave my website if they get wrong content in a different language.