Referer browser problems

Anon

<?
$validreferer = "http://domainname.com/index.php";

// allowed calling pages

// check for valid refererring address... use getenv to prevent people from passing it on the command line.
if (getenv("HTTP_REFERER") == $validreferer)

{
echo("member page");
}

else

{

echo("member fail page");

}

when i access this php page from index.php the variable HTTP_REFERER becomes blank in case of IE while in case of Nestcape it is valid. thus the system works on Nestcape but fails on IE . any ideas

thanks in advance.

kalyan

jariizumi

If you're running Apache, you could always do it the "safer" way and say:

$headers = getallheaders();
if ($headers["Referer"] == $valid_referer) {
// It's a good one!
} else {
// It's a bad one...
}

There must be other ways, but I personally find this more secure. Hope this helps 🙂