php redirect - please how to? - PHP Server Side Scripting forum at WebmasterWorld

Forum Moderators: coopster

Message Too Old, No Replies

php redirect - please how to?

if the surfer access to a page which does not accept visitors directly

tito

5:01 pm on Sep 29, 2004 (gmt 0)

I'm using the above script to redirect visitors not coming from my URL [domain.com...] and trying to access a certain page of my website.

How can I add one more URL (e.g.; [domain.com...] from where visitors are accepted?

Thanks in advance
tito

jezra

5:24 pm on Sep 29, 2004 (gmt 0)

to block direct access to page "B" from all but page "A", put a form in page "A" with a hidden field "access"="good"(this is just an example), use the post method to transfer the data. Submit the form to page "B". In page "B", check the $_POST['access'], if it is not "good", use header("Location: badaccess.htm");

hope this helps
jez
geez, I need more coffee

mincklerstraat

5:53 pm on Sep 29, 2004 (gmt 0)

jezra's idea is a really good one for what you want to do. If it's too complicated for you at the moment and you just want that second url listed:

<?
$from = getenv("HTTP_REFERER");
if ($from!= "http://www.domain.com/")
/* If URL is invalid the following error message and proper link appears*/
{print(" Sorry you have tried to link to a page which does not accept visitors directly. <br>
<a href=http://www.domain.com/>CLICK HERE</a> to enter
<br>We've also got this other page where you're supposed to go first if you want to come to this page or whatever, click <a href='ht*p://www.domain.com/otherpage.html'>here</a> for that page.");
exit;}
?>

Later you'll want to learn about stuff like header() for more 'real' redirects. About the function print:
[be2.php.net...]

jezra

6:18 pm on Sep 29, 2004 (gmt 0)

On a side note, now that I've had a quart of coffee:
according to the PHP documentation, not all browsers will set the HTTP_REFERER variable.

[us2.php.net...]

from the document:
'HTTP_REFERER'

The address of the page (if any) which referred the user agent to the current page. This is set by the user agent. Not all user agents will set this, and some provide the ability to modify HTTP_REFERER as a feature. In short, it cannot really be trusted.

tito

6:38 pm on Sep 29, 2004 (gmt 0)

mincklerstraat:
no, my question is:

have a script which recognize 2 URL as authorized from where visitors can reach a certain page.
any other will be blocked.

'HTTP_REFERER' is not a problem, it's enough to block those browsers which reckon it, the rest doesn't matter..

jezra's first example seems to be very good but far from my possibilities.

any chance to list a second authorized URL on my original script please? or a better solution, thanks so much.

jezra

7:03 pm on Sep 29, 2004 (gmt 0)

If you want to just use the HTTP_REFERER variable:

<?
$bad_referer = true; //we are pessimistic

$from = getenv("HTTP_REFERER");
if ($from == "http://www.domain.com/" ¦¦ strstr( $from, "NAMEOFGOODPAGE.PHP" ) )
$bad_referer = false;

if($bad_referer)
/* If URL is invalid the following error message and proper link appears*/
{print(" Sorry you have tried to link to a page which does not accept visitors directly. <br>
<a href=http://www.domain.com/>CLICK HERE</a> to enter");
exit;}
?>

tito

9:12 pm on Sep 29, 2004 (gmt 0)

Thanks jezra, I'll try that.