making shure the user came from a specif page/session
Posted: Wed Aug 16, 2006 5:39 pm
i need to make shure that a script is not called directly and the user came from one specific other script.
whats the best way to do this?
i though about something like this:
in the first file:
then on the script i need to be protected:
but if the user visits the first page and then, goes away the variable stills be set... and then if it visits the second page after a while the values i want to fetch from $_POST might not be there anymore.
i think passing the value to check in a session variable is not the idea... any other solutions?
whats the best way to do this?
i though about something like this:
in the first file:
Code: Select all
$_SESSION["testvalue"]=session_id()+1;Code: Select all
if ($_SESSION["testvalue"]!=session_id()+1;){
header(...);
exit;
}
else{
...
}i think passing the value to check in a session variable is not the idea... any other solutions?