1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 2:55 pm Apr 28, 2026

Forum Moderators: coopster

Message Too Old, No Replies

Using SERVER'HTTP REFERER' in login redirect?

         

Ahkamden

9:48 pm on May 5, 2010 (gmt 0)

10+ Year Member



Hi...I know how it's parsed up there isn't right but when I did a search with correct syntax it stripped some out...

So I wanted to know if there's any major risk in using http_referer for when someone logs in? I've read it can be spoofed but it's only used for members of the script, not admins. Is there a glaring security risk with using this?

eelixduppy

9:57 pm on May 5, 2010 (gmt 0)



It should be fine. If you want, you can take extra precaution and redirect only within your website, and if it's anywhere else (or the referrer doesn't exist in the first place) redirect to a predefined location.

Ahkamden

10:15 pm on May 5, 2010 (gmt 0)

10+ Year Member



thanks eelix, can you possibly point me in the general direction of how it checks the url to do that?
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 2:55 pm Apr 28, 2026