Welcome to WebmasterWorld Guest from 54.161.64.174

Forum Moderators: coopster & jatar k

Message Too Old, No Replies

php back button?

How to make back button with php

     
5:23 pm on Jan 22, 2003 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Hello,

I'm pretty sure you can do it by getting the referrer, but is this a reliable way to make a back button?

Thanks

5:30 pm on Jan 22, 2003 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Since the referrer may be faked or suppressed it is not reliable. But neither is a JavaScript approach. I usually check for a referrer and when it is present use that otherwise I use
javascript:history.back()
.

If I need to be 100% sure that the button will work I pass the referring page along in the URI. If you use sessions than just remember the last page in your session container and use that URI.

Andreas

5:58 pm on Jan 22, 2003 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



and then 'back' on the previous page, you can't go back any further, right? ;)

i often wondered about this, but do people not use the back button of their browser instead of clicking a link or button?

7:06 pm on Jan 22, 2003 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Thanks Andreas. It's not mission critical, so I'll try your first suggestion.

if (isset($HTTP_REFERER)) {
echo "<a href='$HTTP_REFERER'>BACK</a>";
} else {
echo "<a href='javascript:history.back()'>BACK</a>";
}

That's my first guess at it. Probably wrong.

>>>do people not use the back button of their browser instead of clicking a link or button?

I think it helps keep the mouse in a closer proximity when surfing a thumbnail type setup. They don't have keep going back up to the browser.

7:32 pm on Jan 22, 2003 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



The code looks good Birdman. I´d use the
$_SERVER['HTTP_REFERER']
superglobal just to be sure. Checking whether the referrer is a valid URI and on your domain might be a good idea as well. After all this could be anything1, so simply echoing it will open up your site to all kinds of code injections vulnerabilities.

Andreas


1 Some people around here are known to put rather large strings into the HTTP request headers´ User-agent field. ;) The same could be done with the Referer field as well.
7:38 pm on Jan 22, 2003 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Thanks again, Andreas. Would you mind describing the method used to validate the referrer? I'd appreciate it.
9:14 pm on Jan 22, 2003 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



i think putting it into htmlspecialchars [php.net]($email) will prevent you from code injection problems.
2:25 am on Jan 23, 2003 (gmt 0)

10+ Year Member



<script>
function backhref(a) {
if (document.referer == a.href) {
history.back();
return false
}
}
</script>

<a href="abc.html" onclick="return backhref(this)">def</a>

2:42 pm on Jan 30, 2003 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Have a look at Validating an URI [webmasterworld.com] to see how to validate a referrer.

Andreas

 

Featured Threads

Hot Threads This Week

Hot Threads This Month