restricting page access

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
bugthefixer
Forum Contributor
Posts: 118
Joined: Mon Mar 22, 2004 2:35 am

restricting page access

Post by bugthefixer »

i have a page whose url is like this
http://www.rp.com/category?name=1&cat=blue
this page is infact accessed from a link in previous page..
the problem is if i write this url as it is in browser then this page is access as normal..but i want to restrict it so that if this page is accessed from the previous page only then it is displayed otherwise it should display a message access denied..
secondaly my variables name and cat appear in the url as it is ..how can i make them look like encoded..
Grim...
DevNet Resident
Posts: 1445
Joined: Tue May 18, 2004 5:32 am
Location: London, UK

Post by Grim... »

One way:

Code: Select all

<?php
$referrer = $HTTP_REFERER; //this is the name of the page the user came from
if ($referrer != 'yourpagename.php')
{
    print "Access Denied";
    exit;
}

//rest of page here

?>
User avatar
tim
DevNet Resident
Posts: 1165
Joined: Thu Feb 12, 2004 7:19 pm
Location: ohio

Post by tim »

use sessions.

8)
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

I'd have to agree with tim here, using referer could easily not work, as a lot of browsers/proxies either don't send or strip out such a header.
User avatar
tim
DevNet Resident
Posts: 1165
Joined: Thu Feb 12, 2004 7:19 pm
Location: ohio

Post by tim »

I wish the session tutorial was still around by jason. that would be a excellent link to post here.

feyd, did u leave a msg about that in the mod forum?
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

yeah.. jason no say any'ting yet.
bugthefixer
Forum Contributor
Posts: 118
Joined: Mon Mar 22, 2004 2:35 am

thanks

Post by bugthefixer »

thanks all of for replying..
i have used sessions in my website but i cant figure out how i use sessions for this purpose
Illusionist
Forum Regular
Posts: 903
Joined: Mon Jan 12, 2004 9:32 pm

Post by Illusionist »

on your first page set a session variable:

Code: Select all

$_SESSION['mine'] = "page1";
Then on your other page check that sessino variable:

Code: Select all

if($_SESSION['mine'] != "page1"){
    echo "Access Denied!"
}else{
    //the rest of your page
}
Atleast thats what i would do!
Post Reply