PHP help?

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • Jakke PNG
    ex-TeenGodFather
    • Nov 2001
    • 20306

    #1

    PHP help?

    I have a list of urls that I only want to be accessible from 1 specific url, is this the correct php-way to do it. I tested it and it seemed to work...

    PHP Code:
    <?
    $ref=getenv("HTTP_REFERER");
    
    if ($ref hahahaha "http://www.URL.com/page.shtml") {
       echo "OK";
    } elseif ($ref hahahaha "http://URL.com/page.shtml") {
       echo "OK";
    } else {
       echo "Redirect this";
    }
    ?>
    ..and I'm off.
  • Jakke PNG
    ex-TeenGodFather
    • Nov 2001
    • 20306

    #2
    the hahahaha is = and another =
    ..and I'm off.

    Comment

    • Jakke PNG
      ex-TeenGodFather
      • Nov 2001
      • 20306

      #3
      spoofing and such is not a concern, this is a free site and bandwidth usage etc isn't a problem.. I just don't want people to be able to move thru the directories by typing.. as my directory structure is very easily guessable. lol.
      ..and I'm off.

      Comment

      • grumpy
        Too lazy to set a custom title
        • Jan 2002
        • 9870

        #4
        would be better to use .htaccess then

        http://www.javascriptkit.com/howto/htaccess.shtml
        Don't let greediness blur your vision | You gotta let some shit slide
        icq - 441-456-888

        Comment

        • Jakke PNG
          ex-TeenGodFather
          • Nov 2001
          • 20306

          #5
          No.. There's a reason though.
          anyhow, is *that* a correct PHP-way to do it?
          also, if I send the users thru a hyperlink say;
          http://www.URL.com/cgi-bin/script/sc...hecodeisat.php

          will the original referer be the script or the .shtml page? It 'seemed' to be the .shtml page in my tests, but as I'm a php-n00bie, I have no idea how it really works.
          ..and I'm off.

          Comment

          • Tempest
            Too lazy to set a custom title
            • May 2004
            • 10217

            #6
            Depending on how many urls I was going to do, I might do it something like this instead.

            <?php
            $okrefs=array();
            $okrefs['http://www.url1.com/page.shtml']=1;
            $okrefs['http://url1.com/page.shtml']=1;
            $okrefs['http://www.url2.com/page.shtml']=1;
            $okrefs['http://url2.com/page.shtml']=1;
            $ref=strtolower($HTTP_SERVER_VARS['HTTP_REFERER']);
            if($okrefs[$ref]= =1){
            echo("OK");
            }else{
            echo("Redirect this");
            exit();
            }
            ?>

            But some browsers/surfers will hide the referer so then you can't really do this at all. Is it for admin type purposes?

            Comment

            • Jakke PNG
              ex-TeenGodFather
              • Nov 2001
              • 20306

              #7
              Originally posted by Tempest
              But some browsers/surfers will hide the referer so then you can't really do this at all. Is it for admin type purposes?
              No it's not, but it doesn't matter if some browsers hide the referer..then they're just sent away on something else. buahahahaha.
              ..and I'm off.

              Comment

              • Tempest
                Too lazy to set a custom title
                • May 2004
                • 10217

                #8
                Originally posted by TeenGodFather
                No.. There's a reason though.
                anyhow, is *that* a correct PHP-way to do it?
                also, if I send the users thru a hyperlink say;
                http://www .URL.com/cgi-bin/script/s...hecodeisat.php

                will the original referer be the script or the .shtml page? It 'seemed' to be the .shtml page in my tests, but as I'm a php-n00bie, I have no idea how it really works.
                The referer is going to be the page you sent them from.. Don't understand your question I guess.

                Comment

                • Jakke PNG
                  ex-TeenGodFather
                  • Nov 2001
                  • 20306

                  #9
                  Originally posted by Tempest
                  The referer is going to be the page you sent them from.. Don't understand your question I guess.
                  well,
                  I send them from say
                  http://ww.url.com/page.shtml
                  that page as a hyperlink
                  <a hreF="/cgi-bin/script.cgi?=http://www.urlwiththecode.com>link</A>

                  So basically I send to the cgi-bin page, which in turn sends them to the 'end page'. So which is the referer? The page where user clicks the link, or the cgi-script that redirects them to the right place?
                  ..and I'm off.

                  Comment

                  • Tempest
                    Too lazy to set a custom title
                    • May 2004
                    • 10217

                    #10
                    Originally posted by TeenGodFather
                    well,
                    I send them from say
                    http://ww.url.com/page.shtml
                    that page as a hyperlink
                    <a hreF="/cgi-bin/script.cgi?=http://www.urlwiththecode.com>link</A>

                    So basically I send to the cgi-bin page, which in turn sends them to the 'end page'. So which is the referer? The page where user clicks the link, or the cgi-script that redirects them to the right place?
                    Ah... Well if I remember correctly (haven't checked that sort of detailed thing in awhile), it's "usually" the page and not the script.. But.. it's not 100% and I'm not sure why that is.. Could be different browser types or could be spiders/crawlers. Perhaps you should run a test script or something.. setup your links to send to a test page and have that test page display the referer.

                    <?php
                    echo("'$HTTP_SERVER_VARS['HTTP_REFERER']'");
                    ?>

                    There IS another server variables for "redirect" referers as well. Can't remember the name of it right now.

                    Comment

                    Working...