block visitors going directly to download page

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
angelbear
Forum Newbie
Posts: 4
Joined: Thu Aug 22, 2002 2:41 am
Location: Philippines
Contact:

block visitors going directly to download page

Post by angelbear »

Hi,

how can I block visitors from my site that goes directly to my download page?

ty
User avatar
9902468
Forum Commoner
Posts: 89
Joined: Thu Jun 06, 2002 6:39 am
Location: Europe

Post by 9902468 »

You can do this by using a variable that is set somewhere else.

In the beginnig of the download page check

Code: Select all

if($_SESSIONї"was_in_main_page"] == 1){
 show the page
}else{
header("Location: mainpage.php");
}
and remember to set that $_SESSION["was_in_main_page"] in you mainpage to 1.
(if user has been in mainpage once, he/she can go directly to downloads, as long as her/his browser is open, next time they have to go through mainpage again...)

So if one tries to go directly to downloads he/she will be redirected to mainpage.

If you don't use sessions it's a bit more tricky:
atleast you can use cookies, that die in a minute. set the cookie in mainpage and check it in downloads. for added security use random numbers as the cookie name and value, now these values must be tranported somehow to download page so that you can check that cookie matches. The setcookie solution might be good enough to keep your users to come through mainpage, I doubt that anyone hacks a cookie just so he / she can get directly to down loadpage? So set a cookie in main page name like was_in_mainpage_check and a value yes and give the cookie a lifespan of few minutes. In downloads check that the cookie can be found and increase the cookies time by few minutes....

Anyhow hope that this is what you meant. (or I have been writing for nothing...)

-9902468
fatalcure
Forum Contributor
Posts: 141
Joined: Thu Jul 04, 2002 12:57 pm
Contact:

Post by fatalcure »

well, you can use the $_SERVER['HTTP_REFERER'] to see what page they came from, if its not form a page on your site, or not a page that you want them to come from, you can just redirect them somewhere else
:)
Post Reply