Page 1 of 1
PHP Referal: Please god, can somebody help us!!
Posted: Mon Jun 26, 2006 7:59 am
by SteveMellor
I am writing because I am currently in a horrible situation. I need help and any advise that you can give.
A third party has the control of one of the domain names associated with one of our clients and had pointed this to a porn site. Now, he has subsequently changed this (I think because he was breaking his hosting companies rules) and pointed it to one of our clients. So I was wondering...
The PHP problem:
Can I read the referring URL and use that (as a variable in PHP) to redirect the page to the correct URL? If so, what are peoples suggestions?
I hope this makes sense and I hope someone out there can help.
Thanks in advance for your time.
Posted: Mon Jun 26, 2006 8:07 am
by JayBird
.htaccess would probably be the best route here
Code: Select all
RewriteEngine on
RewriteCond %{HTTP_REFERER} ^http://www.evil-domain.com/$ [NC]
RewriteRule ^(.*)$ http://www.the-correct-domain.com/$1 [R=301,L]
Posted: Mon Jun 26, 2006 8:13 am
by namitjung
If i get you exactly then i don't think there is any way to control this from php. domain name will directly point to the another site and there is no url avilable in your php code,since the web hosting companies are different.(I assumed) that..
However to read the refering url you can use
Code: Select all
$_SERVER['SCRIPT_NAME']
$_SERVER['REMOTE_ADDR']
Posted: Mon Jun 26, 2006 8:20 am
by namitjung
But i think rewrite works on .htaccess file on the hosting server only(For client). if domain is directly pointed to the another hosting server how can is it possible to use .htaccess file in another hosting server.
Posted: Mon Jun 26, 2006 8:22 am
by JayBird
namitjung wrote:But i think rewrite works on .htaccess file on the hosting server only(For client). if domain is directly pointed to the another hosting server how can is it possible to use .htaccess file in another hosting server.
If the "evil domain" is redirecting to the domain then the above ReWrite rule will work.
If the "evil domain" DNS is set up to point directly to the domain the you could use
Code: Select all
RewriteEngine on
RewriteCond %{HTTP_HOST} ^http://www.evil-domain.com/$ [NC]
RewriteRule ^(.*)$ http://www.the-correct-domain.com/$1 [R=301,L]
Posted: Mon Jun 26, 2006 9:24 am
by SteveMellor
namitjung:
Thanks for your reply. Unfortunately it wouldn't work since the '$_SERVER['REMOTE_ADDR'] ' variable will only give me the URL that is redirected to.
Pimptastic:
Again, thank you for your reply. I'd like to know a little more about the .htaccess file as I've not really used them before. I do now have a .htaccess file in the www folder (I assume) of the server (I can't access the root or I would assume that it should be put there). The file reads exactly what you wrote with the URLs changed to the correct ones. However this is not working. It's probably something I've done I'm afraid.
Any more thoughts?
Once again, thank you all for your time.
Some more information: HTTP_REFERER does not work
Posted: Tue Jun 27, 2006 4:29 am
by SteveMellor
Ok, I have done a few tests myself and I think this is the problem with using 'HTTP_REFERER'. I added the following script into the head of the document;
Code: Select all
<?php echo '<!-- '.$_SERVER['HTTP_REFERER'].' -->'?>
Which in theory should echo a HTML comment with the address of the refering URL in. This works when going through our sites portfolio, sure enough the comment is there and it shows (right down to the page title) where the user came from.
Unfortunately, if you use the rogue URL, there is nothing. I'm sure this means that there is nothing I can do about my problem, which is making me (and my client) most unhappy, as you can imagine.
If anyone has any thoughts on what can be done I would be most greatfull.
Posted: Tue Jun 27, 2006 6:13 am
by HubGoblin
.htaccess needs apache mod_rewrite enabled. It won't work if this module is not enabled. Also looking at the regluar expression there it will be very easy to trick it.
Code: Select all
RewriteEngine on
RewriteCond %{HTTP_HOST} ^http://www.evil-domain.com/$ [NC]
RewriteRule ^(.*)$ http://www.the-correct-domain.com/$1 [R=301,L]
this will match on
http://www.evil-domain.com/ but will NOT match on
http://www.evil-domain.com
so technicaly 90% of your users will still view evil domain.
Also flags [NC] can be tricky too. C flag means if the rule does not match, then all following chained rules are skipped.
Also to make sure that rewrite module is enabled you can try:
Code: Select all
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteEngine on
RewriteCond %{HTTP_HOST} ^http://www.evil-domain.com/$ [NC]
RewriteRule ^(.*)$ http://www.the-correct-domain.com/$1 [R=301,L]
</IfModule>
Posted: Tue Jun 27, 2006 6:24 am
by JayBird
HubGoblin wrote:Also flags [NC] can be tricky too. C flag means if the rule does not match, then all following chained rules are skipped.
That is correct, but not in this context.
If i had written [NC,C], then that would have been the case
[NC] means
No Case i.e. case-insensitive.
[C] means
Chain
Having said all that, [C] is only used on the RewriteRule, not the RewriteCond