Welcome to WebmasterWorld Guest from

Forum Moderators: brotherhood of lan & mack

Message Too Old, No Replies

Best way to prevent pages being called directly?

I want people to access the pages through main site

10:54 am on Sep 15, 2005 (gmt 0)

5+ Year Member


I have created a site based on a template, I do not know the correct term to cover this so I will explain how it works:

I have one php page (index.php) which includes the relevant page when a user clicks on a link i.e. the url may look like '<site url>/index.php?page=news' so this includes the content from the file news into the index page.

What I would like to know is what is the best way to prevent a vistior to the site just going to '<site url>/news'. I would like to detect if the page was called directly and if so redirect them back to the home page.

I hope this makes sense.

Any help appreciated.

4:31 pm on Sep 15, 2005 (gmt 0)

10+ Year Member

You can alter the the URL so that users can't see where you are pulling your data from using the Apache re-write rules

I'd check out the Apache forum for more information.

Hope this helps.

4:46 pm on Sep 15, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member

Be careful with that concept. I understand your wanting to control the starting point but many would agree that direct-to-the-page is best from several marketing standpoints.

I can say that in my aff sites, if a particular producer will not allow me to link directly to a product page, using a redirect as you would like to do, they are usally dropped from my selling efforts. I can also say, if I clicked on a link with specific link text, especially if it were a serp, and it went to a general topic home page I would likely leave.

Many here really dislike a deep linking (as it is sometimes called) to an internal page but I disagree because it's what's best for me, the surfer, not because it's best for you or the owner. IMHO

Imagine if I had to go to the CNN home page everytime I wanted the CNN Sports page...

7:25 am on Sep 16, 2005 (gmt 0)

5+ Year Member

The reason I want to do this is that my index page calls the html pages as includes so if a visitor to the site was able to just put in the html file in the url i.e. '<site url>/news.html' instead of '<site url>/index.php?page=news' then the just the contents of the html file will be displayed, there will be no menu system or navigation back to the main site, I would have though this was a common issue when using php templates?.

If I were to let direct access to each page then I would need to include all the menu code in to each page (so each page would be rendered in full - i.e. to make it look the same as if the visitor choose <site url>/index.php?page=news)and this would negate the use of templates as each page would become cluttered and not so easy to just add content. I am new to web design so I may have got the whole thing worng - I am open to suggestions.


7:37 am on Sep 16, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member

Why not simply include your navigation with the include function?


I think that's probably the most common solution around. That's how I handle (most of) my header and footers. For a dynamic template that might produce 1000's of pages it's a matter of adding a few lines of code to the template.

7:49 am on Sep 16, 2005 (gmt 0)

5+ Year Member

Thats what my index page does, so basically I would be duplicating the code in my index page to all the content pages, not sure how well that would work for me, I use php session to store various info like what menu option is currently active and what sub category to display (its an expanding menu), I will have to give it a go and find out. One though I have had is to do a test to see if a particular variable has been set which if they have not gone via the index page it will not and then just redirect them to the page they want by issueing the correct url i.e. <site url>/index.php?page=news that should be ok shouldnt it?

I really appreciate all the input I have received on this, thanks for bearing with my ignorance.

10:54 am on Sep 16, 2005 (gmt 0)

10+ Year Member

If the page you're including are plain HTML, then you can't stop anyone from calling them directly. If the pages were ASP, PHP or whatever you use, you could potentially work around the problem by setting a session variable on the index.php which is checked on the included page. A simple If statement around the page that's being included to see if the session variable exists would do the trick.

I don't know PHP, so I can't offer you code, but the principle should be clear:

- On index.php set a session variable at the very beginning of the page. The session variable could be the name of the file you're including, i.e. products.php.
- On the included page, i.e. products.php, put an If statement around the whole page to check if the session variable is set to the name of the included page, i.e. products.php. If it is, the page is "executed", if not, it's not and a redirect is issued.


12:06 pm on Sep 16, 2005 (gmt 0)

5+ Year Member

Thank you that would work a treat on my current template, are there any downsides to doing it this way?
1:16 pm on Sep 16, 2005 (gmt 0)

10+ Year Member

Downside is that you need to have sessions enabled, i.e. cookies allowed at the client end. Other than that, I can't think of anything else.

Also, instead of redirecting to a general page, why not point straight to the "proper" page loaded via index.php, i.e. index.php?thepage=products.php. That way people would see what they were looking for using the template you set up.


1:27 pm on Sep 16, 2005 (gmt 0)

5+ Year Member

Cookies do not need to be enabled when using PHP sessions as far as I was aware?, regards to your other suggestion thats now implemented! thanks :-)
1:40 pm on Sep 16, 2005 (gmt 0)

10+ Year Member

I couldn't say for sure, but I think you still need cookies for PHP sessions. How else would the server know which session belongs to which client? Give it a go if you like, but I think you find it needs cookies - at least session cookies.


2:20 pm on Sep 16, 2005 (gmt 0)

5+ Year Member

Just tested and you are correct, not sure why i thought otherwise..., most people allow cookies anyway dont they!?

Featured Threads

Hot Threads This Week

Hot Threads This Month