Welcome to WebmasterWorld Guest from 188.8.131.52
There are two snippets, this one prints my referer so I have something to check against as to what the server is thinking the referer really is:
$check = $_SERVER["HTTP_REFERER"];
and this one is supposed to display appropriate message ("yes" or "no") based on the referer:
if ($_SERVER["HTTP_REFERER"] = "http://www.mydomain.com/page.php")
what puzzles me is that if I arrive to the page holding this script from page.php, it gives me "yes" (the referer from the first script above also says [mydomain.com...] is good
but if I arrive from any other page it still says "yes"...? (yet the referer from first script is still correct showing me what other page I arrived from)
is there a problem with my if else statement or what, this does not make sense to me
read the PHP manual [us2.php.net]
using HTTP_REFERER is not bullet proof
if you can use REQUEST_URI and PHP_SELF
you will have two values to check or match
simon, you were right about the "=="
but let me take this subject in a bit different direction since after swapping == all seams to work (pending more tests that is)
I'm actually checking the referer for the home page (index.html)
I want "yes" if I arrive from the home page and "no" if I arrive from anywhere else
The problem now seams to be that comming from home page as in being typed in as www.mydomian.com in the address bar results in a referer being "http://www.mydomian.com/" but if came from the home page AFTER already visiting other pages prior to home page, the referer is "http://www.mydomian.com/index.html"
(if I code "yes" to appear for "http://www.mydomian.com/" it actually assumes all pages under the domain therefore "no" will never get to execute)
I don't know if I'm being clear here but basicly I need to either:
1. have a way for php to distinguish that "http://www.mydomian.com/" is only and only the same as "http://www.mydomian.com/index.html", not all pages under the domain, or
2. figures somethign out from the other end and have the home page always present itself as "http://www.mydomian.com/" (or "http://www.mydomian.com/index.html", whichever is actually possible) so that php does not get confused down the road
any thoughts on this dilemma?
in my case nothing really horrible is going to happen, just a bit of an esthetical defficiency.
so is there a way for php to differentiate [domain.com...] from the domain as a whole site?
also a question... by saying "they don't send referer", is it about certain browsers not doing that or is it a config that can be set somewhere?
I'm asking in part because I'm wondering if there is a way to test such scenario, disable sending the referer to see how web page reacts...?
session idea crossed my mind once but I guess I ignored it because of the small scale of my issue, again it's all just about esthetics and mixing sessions into this seamed like this oversized sollution
I am looking into it again though
how exactly do you go about it henry?
but let's try the regular SESSION and then use ISSET
if a session is created via a $_POST (form)
you will create the SESSION as follow
at the very top of your page add
then we use the POST value
then to use the session wherever
again as always start by
and then add
so now you may use the value $my_page all over the place!
Now without a $_POST
create a var for ex: $my_page="index.php";
there you have it
you can experiment around isset()
if (!isset($_SESSION['my_page']) )
or reverse it by using
if (isset($_SESSION etc.....
Review the manual
Session unset and destroy.
You need to initialize the session in order to use it
if it is passed via a POST, no problem!
but if using the second solution you have to be sure that it will be created so for example if you set it on your index page it will always be "cranked on" since your user starts here or it will not be and then you might have the answer you are looking for.