...

View Full Version : Accessing a script from within it's domain!



Eternity Angel
03-08-2003, 09:18 PM
How would I make a script accessable only if you clicked a link on a page, that was the same domain?

Ie. I made a PHP page, with a link to another PHP page, but it submits data, and I don't want you to be able to type the URL of the second page, into your browser, and then hit enter, and the page load. Instead, I want the page to put out an error, saying you can't access the page unless it's from the same server.

Did that make sense? well, anyways, I am unsure exactly how to do this, and I tried searching the PHP Manual ENDLESSLY, and it's all confusing -_-

Any help would be great.

firepages
03-09-2003, 02:08 AM
simplisticly you could ...



<?
if(!ereg('your_domain.com',$_SERVER['HTTP_REFERER'])){
header("location:$your_domain.com/index.php");
}
?>


but note that HTTP_REFERER can be spoofed i.e someone can send that header via script if they wish & also not all browsers send the HTTP_REFERER variable , though most do.

if its not essential to keep people out then the above should work for most.

if it is then you need to setup some type of login & authentication OR set a session variable on your index page & check for its existance on subsequent pages.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum