Check whether the page was browsed

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
user___
Forum Contributor
Posts: 297
Joined: Tue Dec 05, 2006 3:05 pm

Check whether the page was browsed

Post by user___ »

Hi guys,
I have some .php files which I need to check whether they are browsed or not. I sometimessend $get vars to them(If I had not I would know how to do it). Is there any to do so?
nickvd
DevNet Resident
Posts: 1027
Joined: Thu Mar 10, 2005 5:27 pm
Location: Southern Ontario
Contact:

Post by nickvd »

Huh?
user___
Forum Contributor
Posts: 297
Joined: Tue Dec 05, 2006 3:05 pm

Reply

Post by user___ »

???
nickvd
DevNet Resident
Posts: 1027
Joined: Thu Mar 10, 2005 5:27 pm
Location: Southern Ontario
Contact:

Post by nickvd »

Can you perhaps explain what you want to do, as I did not understand a single thing you posted.
user___
Forum Contributor
Posts: 297
Joined: Tue Dec 05, 2006 3:05 pm

Reply

Post by user___ »

Well, I have these files(.php) which are used with Flash. Flash requests the file on the server, gets what that file has returned(A value), and parse it(or use it) in the very .swf file. I want to ban users to browse these files because sometimes some secure values are outputed.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

I'm pretty sure there's not much you can do about that. I guess the question is, why are you returning "secure" information?
nickvd
DevNet Resident
Posts: 1027
Joined: Thu Mar 10, 2005 5:27 pm
Location: Southern Ontario
Contact:

Post by nickvd »

Ah...

One way would be to send a special variable to the php file (from flash). Your php file would then check to see if this value exists AND is what it expects, if so, you're authorized, if not, leave!

<edit>
It wouldn't stop someone who is determined to access that output, then again a car alarm won't guarantee my car won't get stolen...
</edit>
User avatar
Chris Corbyn
Breakbeat Nuttzer
Posts: 13098
Joined: Wed Mar 24, 2004 7:57 am
Location: Melbourne, Australia

Post by Chris Corbyn »

Something GPG could help here... but it could easily be sniffed.
user___
Forum Contributor
Posts: 297
Joined: Tue Dec 05, 2006 3:05 pm

Reply

Post by user___ »

Thank you for the info.
User avatar
Chris Corbyn
Breakbeat Nuttzer
Posts: 13098
Joined: Wed Mar 24, 2004 7:57 am
Location: Melbourne, Australia

Post by Chris Corbyn »

You could probably restrict access to a small number of remote IP addresses :?:

$_SERVER["REMOTE_ADDR"];
User avatar
anjanesh
DevNet Resident
Posts: 1679
Joined: Sat Dec 06, 2003 9:52 pm
Location: Mumbai, India

Post by anjanesh »

I dont know flash but if theres a method in the flash's swf file to send a custom user-agent which cant be viewed withing the swf file itself ?
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

There's nothing stopping a sniffer to ferret out any of the solutions (other than IP restriction) offered so far. I don't think you want a false sense of security when there is little.
user___
Forum Contributor
Posts: 297
Joined: Tue Dec 05, 2006 3:05 pm

Reply

Post by user___ »

Thank you guys but this with the restriction, which I loved after I had read, made me think whether there was any way to filter IPs. I mean it is a forum which uses Flash and when a user invokes a movie the movie requests a .php page and here I want to(If it is possible for which I am not sure(Rather not)) make Flash sends its requests from the Server's IP.

As far as I know this is not possible but it just hit my mind while trying to find a solution.

Any help is highly appreciated.

You are great guys, continue in the same way.
Post Reply