Welcome to WebmasterWorld Guest from 54.80.97.221

Forum Moderators: coopster & jatar k

Message Too Old, No Replies

filter requests by domain

help modify a script

     
9:20 am on Aug 31, 2017 (gmt 0)

New User

joined:Aug 31, 2017
posts: 6
votes: 0


hello, I have this php script on" domain22.com" that processes the requests:

mysa_output.php

<?php
$mysa_ipaddress = strip_tags($_GET['r']);
if(strip_tags(urldecode($_GET['h']))!='') $mysa_hostname = strip_tags(urldecode($_GET['h']));
if(strip_tags(urldecode($_GET['rf']))!='') $mysa_referer = strip_tags(urldecode($_GET['rf']));
$mysa_show_ad_group = strip_tags($_GET['show_ad_group']);
$mysa_show_ad = strip_tags($_GET['show_ad']);
if (is_numeric($mysa_show_ad_group)){
include_once("mysimpleads.php");show_ad_group($mysa_show_ad_group);
} else if (is_numeric($mysa_show_ad)){
include_once("mysimpleads.php");show_ad($mysa_show_ad);
} else {
exit;
}
?>


Then I have code that I put on some other domain33.com that connects to this script to pull data

<?php @readfile('http://domain22.com/mysa_output.php?r='.$_SERVER['REMOTE_ADDR'].'&h='.urlencode($_SERVER['HTTP_HOST']).'&rf='.urlencode($_SERVER['HTTP_REFERER']).'&show_ad=2'); ?> 


My problem is that I need to filter and allow the domain33.com and "&show_ad=2" so that from domain33.com you can't view others ID ads like "&show_ad=5" "&show_ad=10" etc.

There would be multiple domains, and ID's. Simple cycle check would work fine.

As I understand need to put some code into the mysa_output.php

Thank you.
10:02 pm on Aug 31, 2017 (gmt 0)

New User

joined:Aug 31, 2017
posts: 6
votes: 0


So far I found this code"
[webmasters.stackexchange.com...]

<?php
$yoursite = "yoursite.com"; //Your site url without http://
$yoursite2 = "www.yoursite.com"; //Type your domain with www. this time

$referer = $_SERVER['HTTP_REFERER'];

//Check if browser sends referrer url or not
if ($referer == "") { //If not, set referrer as your domain
$domain = $yoursite;
} else {
$domain = parse_url($referer); //If yes, parse referrer
}

if($domain['host'] == $yoursite || $domain['host'] == $yoursite2) {

//Run your image generation code

} else {

//The referrer is not your site, we redirect to your home page
header("Location: http://yoursite.com");
exit(); //Stop running the script

}
?>


But my basic knowledge does not allow me to use this, anyone can help?
10:11 pm on Aug 31, 2017 (gmt 0)

New User

joined:Aug 31, 2017
posts: 6
votes: 0


By using code bellow I found out that some browsers seems to send blank referrer.

Refferring URL: No referrer set

<?php
//get pg referer if there is one
if (isset($_SERVER['HTTP_REFERER'])) {
$ref_url = $_SERVER['HTTP_REFERER']; //get referrer
}else{
$ref_url = 'No referrer set'; // show failure message
}//end else no referer set
echo "<h3>Refferring URL: $ref_url</h3>";
?>


What to do now, how does the free (adserver) filter the deliver y options by domain?

[edited by: phranque at 4:00 am (utc) on Sep 1, 2017]
[edit reason] no specifics, please. see forum Charter [/edit]

3:59 am on Sept 1, 2017 (gmt 0)

Administrator

WebmasterWorld Administrator phranque is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Aug 10, 2004
posts:11293
votes: 135


you will probably need to use third party cookies for this.
10:36 am on Sept 1, 2017 (gmt 0)

Full Member

Top Contributors Of The Month

joined:Apr 20, 2017
posts:334
votes: 73


I am not sure I understood everything, are you expecting the "readfile" to set a referer ? If so you have to set it manually.

For example:


$current_page = ( isset ( $_SERVER [ 'HTTPS' ] ) ? 'https' : 'http' ) . '://' . $_SERVER [ 'HTTP_HOST' ] . $_SERVER [ 'REQUEST_URI' ] ;

$opts = array (
'http' => array (
'header' => array ( 'Referer: ' . $current_page . "\r\n" )
)
) ;

$context = stream_context_create ( $opts ) ;

readfile( <url> , false , $context ) ;


But I doubt that this is what you really want to achieve, because as you can see, you can set anything as referrer, so this is not restricting access in anyway.
7:51 pm on Sept 2, 2017 (gmt 0)

New User

joined:Aug 31, 2017
posts: 6
votes: 0


It seems better to make the script generate random number ads ID. That way it would be hard to guess. But the script uses primary key auto inc ID as ID for the ads. So it would be needed to modify database and then who knows how to make the script generate random numbers for the ads.

I could share the full script if somebody would like to help. This is out of my knowledge.
8:45 am on Sept 3, 2017 (gmt 0)

Full Member

Top Contributors Of The Month

joined:Apr 20, 2017
posts:334
votes: 73


You might be asking too much for this forum.

There is section where you can hire a PHP programmer : [webmasterworld.com...] . This might be more suitable for your needs.
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members