$referers = array ('xyz.com','www.xyz.com');
attached is the script which is called by http://xyz.com/?id=any_page.php
If anyone can suggest some code to check referer before the code is run, i would be very very greatful. cheers.
Code: Select all
<?php
// add referrer security check here...
if ( isset($_GET['id']) && $_GET['id'] <> '' ) // If id is set, then set include to that value
{
$include = $_GET['id'];
}
elseif ( (!isset($_GET['id']) || $_GET['id'] == '') && isset($_GET['image']) ) // If id not set, but image is, don't include anything
{
$include = FALSE;
}
else // id and image not set, so include a default page
{
$include = 'home.php';
}
if ( $include != FALSE)
{
if ( is_file($include) ) // If finds file, then include it
{
include $include;
}
else // File doesn't exist, so show 404 page
{
include '404.php';
}
}
// Show the image if set
if ( isset($_GET['image']) && $_GET['image'] <> '' )
{
$image = $_GET['image'];
}
// end include
?>