Page 1 of 1
I need a php script that verifies parent website!!
Posted: Thu Aug 28, 2008 12:54 pm
by cap2cap10
I need a simple php script that verifies that a user came from my parent website and not from any other site.
If the user did not come from the parent site then they should be redirected to the home page to login.
Any php technorati out there who knows how to do this?
Thanks in advance,
Batoe
Re: I need a php script that verifies parent website!!
Posted: Thu Aug 28, 2008 1:55 pm
by cap2cap10
ok, how's this:
Code: Select all
<?php
$foobar = getenv('HTTP_REFERER');
function check_previous()
{
if ($foobar != 'www.yoursite.com')
{
Header('Location: http://www.yourhomepage.com');
}
}
?>
Let me know if I did something wrong.
Batoe
Re: I need a php script that verifies parent website!!
Posted: Thu Aug 28, 2008 2:11 pm
by onion2k
Moved to PHP - Code folder.
Your script there has a number of problems.
1. The scope of the $foobar variable means it won't be visible inside your function, so every time you call the function you'll end up redirecting the user.
2. The function doesn't strip off the protocol or the file path from the referer. You'll need to remove the http:// or https:// bit from the front and any file like index.php or users/username/ from the end.
3. Sending the refererer is optional. Some users will have come from the parent site yet HTTP_REFERER will be empty. You'll be redirecting people even though they're not meant to be redirected.
Re: I need a php script that verifies parent website!!
Posted: Thu Aug 28, 2008 2:24 pm
by cap2cap10
ok,
1. The scope of the $foobar variable means it won't be visible inside your function, so every time you call the function you'll end up redirecting the user.
How do I narrow the scope to make sure the function will recognize the previous url?
Batoe
Re: I need a php script that verifies parent website!!
Posted: Thu Aug 28, 2008 2:30 pm
by onion2k
Re: I need a php script that verifies parent website!!
Posted: Thu Aug 28, 2008 2:52 pm
by cap2cap10
Ok,
I have included the variable within the function {};
2. The function doesn't strip off the protocol or the file path from the referer. You'll need to remove the http:// or https:// bit from the front and any file like index.php or users/username/ from the end.
What If I need the user to come from a specific subdirectory, can I keep the "users/username/" for example?
Batoe