homepage Welcome to WebmasterWorld Guest from 174.129.130.202
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
Forum Library, Charter, Moderators: coopster & jatar k

PHP Server Side Scripting Forum

    
Request Referer PHP problem
ukgimp




msg:1256129
 1:49 pm on Aug 2, 2002 (gmt 0)

Hello

I have a Recommend page script written in PHP that requests the referer and allows a form to be filled in. It then stuffs the referer parameter into the email and then also into a hidden field. Trouble is that is submits to itself for validation etc, so the referer is the mailto.php page and not the original referer. Any suggestions.

I was trying to avoid the use of Java and i was using the _target to open a new window.

Cheers

Richard

 

ergophobe




msg:1256130
 7:06 pm on Aug 2, 2002 (gmt 0)

The firs ttime you request the referer, it's presumably correct, no? In that case, just assign it as a named GET/POST var and then extract it later.

By the way, that's what ww.php.net does for their comment form for the manual. When you click to "Add a comment" in the documentation, they pass the original URL (the man page your on) to the comment page as a GET param rather than depending on the referer var. I'm not sure why.

Tom

transistor




msg:1256131
 8:04 pm on Aug 2, 2002 (gmt 0)

Hi ukgimp, ergophobe

Another trick would be to store the URL in a different variable as soon as you get it the first time and pass that variable in a hidden text field.

Another idea would be to use a session variable to pass the URL around.

ergophobe




msg:1256132
 9:57 pm on Aug 2, 2002 (gmt 0)


Another trick would be to store the URL in a different variable as soon as you get it the first time and pass that variable in a hidden text field.

I guess I wasn't very clear! That's what I meant. Oh well. A session's not a bad idea though. I'll have to think on that one.

ukgimp




msg:1256133
 10:55 pm on Aug 2, 2002 (gmt 0)

Thanks.

I thought and tried about the session variable angle but I was unable to get it to work.

Monday, I will take on board your advice try again and see how it goes.

Cheers

rewboss




msg:1256134
 7:22 am on Aug 3, 2002 (gmt 0)


if($url_of_referring_page != $PHP_SELF){
$url_of_referring_page = $HTTP_REFERER;
}

Won't that work?

Failing that:

if(!isset($url_of_referring_page)){
$url_of_referring_page = $HTTP_REFERER;
}

Nick_W




msg:1256135
 7:30 am on Aug 3, 2002 (gmt 0)

I think that'll work rewboss. Actually I'd couple that with a session solution. Then no matter how many time Mr. Dumb user messes up the form, it's always there waiting to be used.

If you're having trouble with the sessions ukgimp, post the code. It should be relatively easy, you're probably just missing something obvious to everyone but you ;) Happens to me everyday!

Nick

toadhall




msg:1256136
 5:04 pm on Aug 3, 2002 (gmt 0)

Hi ukgimp,

Use this line in the form:

<input type=hidden name=recd value="<?=isset($recd) ? $recd : $HTTP_REFERER?>">

It'll pick up the referrer from the linked page and send it through the validation as $recd, then use it again if the visitor is sent back to the form.

It's a "ternary" operator.

ukgimp




msg:1256137
 10:50 am on Aug 5, 2002 (gmt 0)

Thanks for the responses. I have tried all three suggested methods and I cannot seem to get any to work. The code below is using the method suggested by rewboss but after submitting the page to istself the referer seems to cascade down and as a result still recommends itself and not the referer. Sorry for posting such an epic message.

CODE

<?PHP

# Edit variables below:
#
# Title of the "poped" page:
$GLOBALS["title"]="E-mail this page to a collegue";
# Path to mailto.php script:
$GLOBALS["path"]="mailto.php";
# Site name:
$GLOBALS["site_name"]="MY Site";
# webmaster's email:
$GLOBALS["your_email"]="my email";

$GLOBALS["url"]= "$HTTP_REFERER";

if($url_of_referring_page!= $PHP_SELF){
$url_of_referring_page = $HTTP_REFERER;
}

##############################################
function show_form() {
?>
<html>
<head>
<title><?PHP echo $GLOBALS["title"];?></title>
</head>
<body>
Recommend <b><?PHP echo $GLOBALS["url"];?></b> to a friend ...
<form method="post" action="<?PHP echo $GLOBALS["path"];?>">
<input type=hidden name="url" value="<?PHP echo $GLOBALS["url"];?>">
<table width="90%" border="0" cellspacing="0" cellpadding="0">
<tr align="left" valign="top">
<td width="50%"> Your name: </td>
<td>
<input type="text" name="form[from]" size="30">
</td>
</tr>
<tr align="left" valign="top">
<td> <small>*</small> Your e-mail: </td>
<td>
<input type="text" name="form[from_email]" maxlength="40" size="30">
</td>
</tr>
<tr align="left" valign="top">
<td> <small>*</small> Friend's e-mail:</td>
<td>
<input type="text" name="form[to_email]" size="30">
</td>
</tr>
<tr align="left" valign="top">
<td> Short note about this page: </td>
<td>
<textarea name="form[comment]" rows="5" cols="30"></textarea>
</td>
</tr>
<tr align="left" valign="top">
<td>
<input type="submit" name="submit" value="Send">
<input type="reset" name="Reset" value="Reset">
</td>
<td>&nbsp;</td>
</tr>
</table>
<p><small>* - required!</small></p>
</form>
</body>
</html>

<?PHP
}

function error($string) {
print ("<div align=center valign=center><b>Warning:</b> $string<br><br>
[ <a href=\"javascript:history.go(-1)\">Back</a> ]
[ <a href=\"javascript:window.close()\">Close this window</a> ]
</div>");
exit;
}

function check_email ($address) {
# this function was copied from PHP mailing list
return
//mod note: line breaks added for side scroll
(ereg('^[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{}~]+'.'@'.' [-!#$%&\'*+\\/0-9=?A-Z^_`a-z{}~]+\.'.'[-!#$%&\'*+\\. /0-9=?A-Z^_`a-z{}~]+$',$address));
}
// end mod note: jatar_k
if ($submit) {

if (! check_email ($form["from_email"]) ! check_email ($form["to_email"]) ) error ("Invalid e-mail address!");
$date=date( "D, j M Y H:i:s -0600");
$to_email=$form["to_email"];
$from=$form["from"];
$from_email=$form["from_email"];
$comment=$form["comment"];
$site_name=$GLOBALS["site_name"];
$your_email=$GLOBALS["your_email"];
$message="Hi!\n\n$from ($from_email) invited you to visit $site_name!\nCheck out this URL: $url_of_referring_page";
if ($form["comment"]!= "") {
$message.="\n\n$from left you a note:\n$comment";
}
$message.="\n\n\n-------------------------------------------------------------------\n";
$subject="You were invited by $from to visit ".$GLOBALS["site_name"]."!";
$add="From: $site_name <$your_email>\nReply-To: $from_email\nDate: $date\n";
if (@mail ("$to_email","$subject","$message","$add")) {
echo "<center>Message sucessfully send!<br>Thank you!<br><br>[ <a href=\"javascript:window.close()\">Close this window</a> ]</center>";
} else error ("Internal server error. Cannot send email, please try later!");

} else show_form();

?>

[edited by: jatar_k at 10:52 pm (utc) on Mar. 19, 2003]

toadhall




msg:1256138
 6:11 pm on Aug 5, 2002 (gmt 0)

It was a problem with the Global variables and the show_form function. So I removed the function and added a few things (noted at the top of the code).

The email checker was throwing errors so I substituted a simple one for testing.

<?PHP
# CHANGES - lines 16-19; 32,33; 58,59; 70,71. Removed show_form function and moved html (ll. 62-108)
# CAUTION - line 37
# Edit variables below:
#
# Title of the "poped" page:
$GLOBALS["title"]="E-mail this page to a collegue";
# Path to mailto.php script:
$GLOBALS["path"]="mailto.php";
# Site name:
$GLOBALS["site_name"]="MY Site";
# webmaster's email:
$GLOBALS["your_email"]="my email";
$GLOBALS["url"]= "$HTTP_REFERER";

# added this; removed the other conditional
if (empty($url_of_referring_page)){
$url_of_referring_page = $HTTP_REFERER;
}

############################################################

function error($string) {
print ("<div align=center valign=center><b>Warning:</b> $string<br><br>
[ <a href=\"javascript:history.go(-1)\">Back</a> ]
[ <a href=\"javascript:window.close()\">Close this window</a> ]
</div>");
exit;
}

function check_email ($address) {
# this function you copied from PHP mailing list was returning errors so I threw in this simple one for testing purposes
return (ereg("^.+@.+\\..+$",$address));
}

if ($submit) {
/*** re-enter the "pipes' below after copying ***/
if (! check_email ($form["from_email"]) ! check_email ($form["to_email"]) ) error ("Invalid e-mail address!");
$date=date( "D, j M Y H:i:s -0600");
$to_email=$form["to_email"];
$from=$form["from"];
$from_email=$form["from_email"];
$comment=$form["comment"];
$site_name=$GLOBALS["site_name"];
$your_email=$GLOBALS["your_email"];
$message="Hi!\n\n$from ($from_email) invited you to visit $site_name!\nCheck out this URL: $url_of_referring_page";
if ($form["comment"]!= "") {
$message.="\n\n$from left you a note:\n$comment";
}
$message.="\n\n\n-------------------------------
$subject="You were invited by $from to visit ".$GLOBALS["site_name"]."!";
$add="From: $site_name <$your_email>\nReply-To: $from_email\nDate: $date\n";
/*
if (@mail ("$to_email","$subject","$message","$add")) {
echo "<center>Message sucessfully send!<br>Thank you!<br><br>[ <a href=\"javascript:window.close()\">Close this window</a> ]</center>";
} else error ("Internal server error. Cannot send email, please try later!");
*/
# the following line for testing purposes; remove and uncomment above
echo "$to_email<br>$subject<br>$message<br>$add";
} else {
?>
<html>
<head>
<title><?PHP echo $GLOBALS["title"];?></title>
</head>
<body>
Recommend <b><?PHP echo $GLOBALS["url"];?></b> to a friend ...
<form method="post" action="<?PHP echo $GLOBALS["path"];?>">
<input type=hidden name="url" value="<?PHP echo $GLOBALS["url"];?>">
<!-- added the following line -->
<input type=hidden name=url_of_referring_page value="<?=$url_of_referring_page?>">
<table width="90%" border="0" cellspacing="0" cellpadding="0">
<tr align="left" valign="top">
<td width="50%"> Your name: </td>
<td>
<input type="text" name="form[from]" size="30">
</td>
</tr>
<tr align="left" valign="top">
<td> <small>*</small> Your e-mail: </td>
<td>
<input type="text" name="form[from_email]" maxlength="40" size="30">
</td>
</tr>
<tr align="left" valign="top">
<td> <small>*</small> Friend's e-mail:</td>
<td>
<input type="text" name="form[to_email]" size="30">
</td>
</tr>
<tr align="left" valign="top">
<td> Short note about this page: </td>
<td>
<textarea name="form[comment]" rows="5" cols="30"></textarea>
</td>
</tr>
<tr align="left" valign="top">
<td>
<input type="submit" name="submit" value="Send">
<input type="reset" name="Reset" value="Reset">
</td>
<td>&nbsp;</td>
</tr>
</table>
<p><small>* - required!</small></p>
</form>
</body>
</html>

<?
}
?>

[edited by: jatar_k at 10:51 pm (utc) on Mar. 19, 2003]
[edit reason] sidescroll [/edit]

ukgimp




msg:1256139
 1:29 pm on Aug 7, 2002 (gmt 0)

Hello

I have been trying this for some time now, I did not get it to work with the sessions as mentioned above. Thanks to all of you that helped especially rewboss and toadhall. I will keep trying the ternary operators and sessions as this is something I need to get to grips with.

I did come up with another solution that for those that are intersted.

Append the url of the linking page to the link by using :

$url = $HTTP_SERVER_VARS["HTTP_HOST"] . $HTTP_SERVER_VARS["REQUEST_URI"]

and then adding the $url to the href

<a href="page.php?url=<?php print ("$url") ?>" target="_blank ">Email link </a>

Then use the original code above.

Cheers

toadhall




msg:1256140
 5:43 pm on Aug 7, 2002 (gmt 0)

Gimme' one more shot ukgimp ;)

The problem stems from here (in the top section of the code):
if($url_of_referring_page != $PHP_SELF){
$url_of_referring_page = $HTTP_REFERER;
}

Two parter:
1) Variable scope. You need to set the $url_of_referring_page variable as global too.
2) As it stands the conditional will return the url of the mailto script each time the form is submitted ($url_of_referring_page would not equal the url of the script therefore $url_of_referring_page would now become $HTTP_REFERER, the url of the script).

Use this (if I may be so bold):
if (empty($GLOBALS["url_of_referring_page"])){
$GLOBALS["url_of_referring_page"] = $GLOBALS["url"];
}

...and this new hidden field in your form (substitute it for the one there):
<input type=hidden name=url_of_referring_page value="<?=$GLOBALS["url_of_referring_page"]?>">

...at line 97 you'll need to change the variable reference:
$message="Hi!\n\n$from ($from_email) invited you to visit $site_name!\nCheck out this URL:" . $GLOBALS["url_of_referring_page"];

check_mail() function errors:
If you've copied this script and pasted it you may have bad pipes. Sounds gruesome. Often a copied pipe will, when pasted, end up as two short lines in a vertical stack rather than one unbroken pipe, (bad pipe). Pipes are used in your check_mail() function and in a conditional statement just below it. In the function they appear between curly braces thus {}, and in the conditional they're used as a logical OR (). Just overwrite them with fresh pipes from your keyboard. Otherwise the function throws errors. (There's another one in the javascript of your error() function, but it's not crucial).

T

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved