Code: Select all
<?php
session_start();
$New_Score2 = 1.22*$_SESSION['Score'];
?>
<?php
print "Your new score2 is : " . $New_Score2;
?>
Moderator: General Moderators
Code: Select all
<?php
session_start();
$New_Score2 = 1.22*$_SESSION['Score'];
?>
<?php
print "Your new score2 is : " . $New_Score2;
?>
Code: Select all
if (1 == preg_match('#http(|s)://([a-z]+\.){0,1}paypal\.com/#', $_SERVER['HTTP_REFERER'])) {
// The request likely came from paypal.com
}Code: Select all
http://www.paypal.com/
http://paypal.com/index.php
https://cms.paypal.com/Code: Select all
http://paypal.com - no trailing slash
http://paypal.com.example.com/ - not paypal.com
https://www.pay.paypal.com/ - more than one subdomain
http://www2.paypal.com/ - number in subdomainI don't know what else might be in your results page; but, yes, probably. As BornForCode mentioned, $_SERVER['HTTP_REFERER'] might not always be available, so you might need to find some other way to confirm that the user is coming from PayPal.podarum wrote:I would just add this code into my results page...html/php, anywhere?
Some of the values that populate the $_SERVER array are determined by what the browser tells the server when a request is made. It is possible for someone to make their browser lie to the server.podarum wrote:What do you mean by the client can spoof the $_Server....
I didn't realize there were frames involved.podarum wrote:Is there another way you can think, that I can achieve my goal...not using frmaes or iFrames.?
Code: Select all
<?php
if (1 == preg_match('#http(|s)://([a-z]+\.){0,1}paypal\.com/#', $_SERVER['HTTP_REFERER'])) {
// The request likely came from paypal.com }
?>Code: Select all
'#http(|s)://([a-z]+\.){0,2}paypal\.com/#'Code: Select all
'#http(|s)://([a-z]+\.)*paypal\.com/#'Code: Select all
/*if (1 == preg_match('#http(|s)://([a-z]+\.){0,1} paypal\.com/#', $_SERVER['HTTP_REFERER']))
{
header ("Location: process5.php");
}
else {
header ("Location: http://yahoo.com");
}*/