1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 6:34 pm Apr 27, 2026

Forum Moderators: coopster

Message Too Old, No Replies

filter requests by domain

help modify a script

         

smilem

9:20 am on Aug 31, 2017 (gmt 0)

5+ Year Member



hello, I have this php script on" domain22.com" that processes the requests:

mysa_output.php 

<?php
$mysa_ipaddress = strip_tags($_GET['r']);
if(strip_tags(urldecode($_GET['h']))!='') $mysa_hostname = strip_tags(urldecode($_GET['h']));
if(strip_tags(urldecode($_GET['rf']))!='') $mysa_referer = strip_tags(urldecode($_GET['rf']));
$mysa_show_ad_group = strip_tags($_GET['show_ad_group']);
$mysa_show_ad = strip_tags($_GET['show_ad']);
if (is_numeric($mysa_show_ad_group)){
  include_once("mysimpleads.php");show_ad_group($mysa_show_ad_group);
} else if (is_numeric($mysa_show_ad)){
  include_once("mysimpleads.php");show_ad($mysa_show_ad);
} else {
  exit;
}
?>


Then I have code that I put on some other domain33.com that connects to this script to pull data 

<?php @readfile('http://domain22.com/mysa_output.php?r='.$_SERVER['REMOTE_ADDR'].'&h='.urlencode($_SERVER['HTTP_HOST']).'&rf='.urlencode($_SERVER['HTTP_REFERER']).'&show_ad=2'); ?>


My problem is that I need to filter and allow the domain33.com and "&show_ad=2" so that from domain33.com you can't view others ID ads like "&show_ad=5" "&show_ad=10" etc.

There would be multiple domains, and ID's. Simple cycle check would work fine.

As I understand need to put some code into the mysa_output.php

Thank you.

smilem

10:02 pm on Aug 31, 2017 (gmt 0)

5+ Year Member



So far I found this code"
[webmasters.stackexchange.com...] 

<?php
  $yoursite = "yoursite.com"; //Your site url without http://
  $yoursite2 = "www.yoursite.com"; //Type your domain with www. this time

  $referer = $_SERVER['HTTP_REFERER'];

  //Check if browser sends referrer url or not
  if ($referer == "") { //If not, set referrer as your domain
    $domain = $yoursite;
  } else {
    $domain = parse_url($referer); //If yes, parse referrer
  }

  if($domain['host'] == $yoursite || $domain['host'] == $yoursite2) {

    //Run your image generation code

  } else {

    //The referrer is not your site, we redirect to your home page
    header("Location: http://yoursite.com");
    exit(); //Stop running the script

  }  
?>


But my basic knowledge does not allow me to use this, anyone can help?

smilem

10:11 pm on Aug 31, 2017 (gmt 0)

5+ Year Member



By using code bellow I found out that some browsers seems to send blank referrer.

Refferring URL: No referrer set 

<?php
//get pg referer if there is one
 if (isset($_SERVER['HTTP_REFERER'])) {
 $ref_url = $_SERVER['HTTP_REFERER']; //get referrer
 }else{
 $ref_url = 'No referrer set'; // show failure message
 }//end else no referer set
echo "<h3>Refferring URL: $ref_url</h3>";
?>


What to do now, how does the free (adserver) filter the deliver y options by domain?

[edited by: phranque at 4:00 am (utc) on Sep 1, 2017]
[edit reason] no specifics, please. see forum Charter [/edit]

phranque

3:59 am on Sep 1, 2017 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



you will probably need to use third party cookies for this.

Peter_S

10:36 am on Sep 1, 2017 (gmt 0)

5+ Year Member Top Contributors Of The Month



I am not sure I understood everything, are you expecting the "readfile" to set a referer ? If so you have to set it manually.

For example: 


$current_page = ( isset ( $_SERVER [ 'HTTPS' ] ) ? 'https' : 'http' ) . '://' . $_SERVER [ 'HTTP_HOST' ] . $_SERVER [ 'REQUEST_URI' ] ;

$opts = array (
    'http' => array (
      'header' => array ( 'Referer: ' . $current_page . "\r\n" )
    )
) ;

$context = stream_context_create ( $opts ) ;

readfile( <url> , false , $context ) ;


But I doubt that this is what you really want to achieve, because as you can see, you can set anything as referrer, so this is not restricting access in anyway.

smilem

7:51 pm on Sep 2, 2017 (gmt 0)

5+ Year Member



It seems better to make the script generate random number ads ID. That way it would be hard to guess. But the script uses primary key auto inc ID as ID for the ads. So it would be needed to modify database and then who knows how to make the script generate random numbers for the ads.

I could share the full script if somebody would like to help. This is out of my knowledge.

Peter_S

8:45 am on Sep 3, 2017 (gmt 0)

5+ Year Member Top Contributors Of The Month



You might be asking too much for this forum.

There is section where you can hire a PHP programmer : [webmasterworld.com...] . This might be more suitable for your needs.
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 6:34 pm Apr 27, 2026