Need Programming Help - Members Area Plugin

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • SkeetSkeet
    Confirmed User
    • Oct 2005
    • 5404

    #1

    Need Programming Help - Members Area Plugin

    Ok ... Been at this for hours with no luck searching forums google or anything so here it goes. I am trying to figure out how to limit access to a page to traffic only coming from certain domains for a members area plugin we are working on. Basically you can't typein the domain and get anything, has to be linked from certain approved members areas or domains and what not. I have tapped everything I can think of and coming up dry. Any help greatly appreciated.

    ICQ 283633188
  • datatank
    Confirmed User
    • Aug 2004
    • 5471

    #2
    You can do it with htaccess

    Comment

    • Nookster
      Confirmed IT Professional
      • Nov 2005
      • 3744

      #3
      Code:
      $ref = $_SERVER['HTTP_REFERER'];
      $pos = strpos($ref,'http://yoursite.com/members/');
      $outp = ($pos === true) ? 'The referer is valid.' : 'Nice try.';
      I think is what you're looking for, but remember the referer can be manipulated.
      The Best Affiliate Software, Ever.

      Comment

      • woj
        <&(©¿©)&>
        • Jul 2002
        • 47882

        #4
        Don't do it with referrer, it's way too amateurish... It may have been good enough 10 years ago, but now a days any idiot can hardcode referer='yoursite.com' into firefox and browse your plugin for free... people even collect and post links to poorly protected plugins like that on surfer forums... you will piss away ton of bandwidth this way...
        Custom Software Development, email: woj#at#wojfun#.#com to discuss details or skype: wojl2000 or gchat: wojfun or telegram: wojl2000
        Affiliate program tools: Hosted Galleries Manager Banner Manager Video Manager
        Wordpress Affiliate Plugin Pic/Movie of the Day Fansign Generator Zip Manager

        Comment

        • bobby666
          boots are my religion
          • Nov 2005
          • 21765

          #5
          Originally posted by woj
          Don't do it with referrer, it's way too amateurish... It may have been good enough 10 years ago, but now a days any idiot can hardcode referer='yoursite.com' into firefox and browse your plugin for free... people even collect and post links to poorly protected plugins like that on surfer forums... you will piss away ton of bandwidth this way...
          they call it spoofing on the amateur porn boards

          Comment

          • raymor
            Confirmed User
            • Oct 2002
            • 3745

            #6
            The reason you've had trouble finding it is is that there is no easy way to
            do it with a few lines of .htaccess of whatever and have any level of security.
            Soee old plugin providers did that, but those are the ones posted all over the
            hacker boards and password sites and all, and who are also found in the
            members' area of some legitimate looking sites although the webmaster
            isn't paying the fee. We can set you up with a secure system based on
            Strongbox technology, though.
            For historical display only. This information is not current:
            support&#64;bettercgi.com ICQ 7208627
            Strongbox - The next generation in site security
            Throttlebox - The next generation in bandwidth control
            Clonebox - Backup and disaster recovery on steroids

            Comment

            • Nookster
              Confirmed IT Professional
              • Nov 2005
              • 3744

              #7
              Originally posted by woj
              Don't do it with referrer, it's way too amateurish... It may have been good enough 10 years ago, but now a days any idiot can hardcode referer='yoursite.com' into firefox and browse your plugin for free... people even collect and post links to poorly protected plugins like that on surfer forums... you will piss away ton of bandwidth this way...
              notice what I mentioned about the referer. Read before you type.
              The Best Affiliate Software, Ever.

              Comment

              • SkeetSkeet
                Confirmed User
                • Oct 2005
                • 5404

                #8
                Originally posted by raymor
                The reason you've had trouble finding it is is that there is no easy way to
                do it with a few lines of .htaccess of whatever and have any level of security.
                Soee old plugin providers did that, but those are the ones posted all over the
                hacker boards and password sites and all, and who are also found in the
                members' area of some legitimate looking sites although the webmaster
                isn't paying the fee. We can set you up with a secure system based on
                Strongbox technology, though.
                as sad as this is ... i didn't even think yall could set something like that up ... never crossed my mind ... but yeah hit me up with some pricing info and we can def work that out

                ICQ 283633188

                Comment

                • brandonstills
                  Confirmed User
                  • Dec 2007
                  • 1964

                  #9
                  There's the referrer method mention but it has problems like mentioned above. You would have to do something where the plugin generates some type of authentication code and then that code is valid for a certain time period. You could even hash that code and combine it with their IP address so that code is tied to a given IP address only.

                  Brandon Stills
                  Industry and programming veteran
                  [email protected] | skype: brandonstills | ICQ #495-171-318

                  Comment

                  Working...