08-08-2006, 10:53 AM
Does way exist of only allowing the link asked by the dedicated server and not for the user? Example: if a user puts in his web browser: http://www.mydomain.com/reg.php the user will be redirected to error page, but if the user gives a click in the link called(the link is on the index page) REGISTER and this one appears to http://www.mydomain.com/reg.php the user has permission.
Sorry if my english is bad. Regards :thumbsup:
08-08-2006, 11:18 AM
You can check the referrer using php and match it accordingly. This can be faked though. Also, if you have a form on the reg page (as you would), you can use an if() statement to see if the submit button has been pressed yet. Name the submit button sumbit and:
form html here
other html here
08-09-2006, 05:54 AM
Checking the referrer is a very bad idea. Some firewalls remove it from HTTP Requests and some browsers can be set to not send it in the first place.
You should use PHP's session functionality to make sure that the person came to reg.php from another page on your site by starting a session on another page and checking for it on the reg.php page.
08-09-2006, 08:22 AM
PHP can retrieve files from above the root directory or from password protected folders without needing the password. You can use that as a front end to test if the retrieval should be allowed. Other server side languages should offer something similar.