HTTP_REFERR

Anon

I have a question regarding $HTTP_REFERER:

Here is what I want to do:

There is a site out there with a link to my site. When user click on the link, they will come to my site. My site is set up to allow people in ONLY if they come from this site, all other are denied access.

I was thinking along these lines:

if $http_referer == "http://www.xxx.com/page.html
then allow them in
else getout.

Now, reading through the manual and FAQ, it seems to me that the HTTP_REFERER variable may not be set if users use some "old browser".

Anyone know what these "old browsers" are?
IS there another or better way to do this?

Thanks

icaro

humm, i dont know the list of the 'old browsers' like that, but maybe if the link in the first site looks like:
href="http://hidensite/somefile.php?status=allowed"

...
if ($status == 'allowed') ok
else getout

Anon

People could just copy the link and get in from anywhere then...

-j

icaro

jason = D.J.?

some of that sites will ask people for user/pass?

you only dont want to show the hiden content to people that just visited the first site, ok?

Anon

Thank you for the response. No, can't pass any varaible along for the same reason jason pointed out. No, cannot use username/password to authenticate neither.

The purpose for doing this is:

My site will accept the connection/request ONLY if the request is from a known and predefined page, example: http://www.xxx.com/page.html

Thank you for the input.

icaro

humm, i think cookies cant help you..
your better chance seems to be that predefinded variable $http_referer(?)...

you can also search for some clue on apache documentation (or netscape/iss - i dont know what is the hidensite server soft) to resolve the problem with older browsers.

about the list of old browsers that you asked before, what do you do with it if you found it? tell people 'update yor browser' ?

Anon

ic,

Definitely, if they are still using "old browser", they should update their browser or get out of the way!

My best guess in this case is to check for what kind of browser users are using. If browser type is the "old browser", then the compromise is to let them in, period, betting on that there is not many out there.
THis non-solution is just a thought though.

opido

Drop me an email (check my profile), I know what you are looking for. I wrote a program for the company I work at called Private Referrers. It's very slick and even does p3p (allows for frame referrers).

Stephen VanDyke