Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Page 1 of 2 12 LastLast
Results 1 to 15 of 16
  1. #1
    New Coder
    Join Date
    Sep 2006
    Posts
    66
    Thanks
    6
    Thanked 0 Times in 0 Posts

    Referring URL from redirects...

    Hey folks.

    I know how $HTTP_SERVER_VARS['HTTP_REFERER'] works...

    BUT..

    Is there a way to get the referring page when it's being automatically re-routed via the <meta http-equiv="refresh"> tag?

    for instance,
    page1.php
    Code:
    <meta http-equiv="refresh" content="5;url=page2.php">
    page2.php
    Code:
    <?php
    //CHECK REFERRAL
    $referringURL = $HTTP_SERVER_VARS['HTTP_REFERER'];
    $referURL = getenv(HTTP_REFERER);
    ?>
    Both $referringURL AND $referURL return blank values. My guess is because it's not a link click but a meta refresh.

    How can I accomplish getting the referring URL from the meta tag?

    Thanks for your help!

  • #2
    New Coder
    Join Date
    Dec 2006
    Posts
    12
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Yes. There is a very simple way to do this. Here is how to do this.

    1st. The first page refers you to a second page.
    2nd. Have the second page get it's referrer and put that into a variable. and pass that variable along to the third page via the address bar.
    3rd. Have the third page get ITS referrer and use a GET statement to get the other referrer out of the addrss bar. You now have both referrers.

    If you would like I could take your pages and put that in there for you. Of course there would be a small price attached but it wouldn't be much given the fact that it would only be a couple lines of code I would have to add.

  • #3
    New Coder
    Join Date
    Oct 2006
    Posts
    38
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Angry

    Self_taught, you're a greedy *******. All he wants is some 3 code line help and you can't do that for him? What kind of person are you? Don't reply me: "The one who tries to make a living", since this is a helping forum, not a hiring one.


    Shaffer.

  • #4
    Senior Coder koyama's Avatar
    Join Date
    Dec 2006
    Location
    Copenhagen, Denmark
    Posts
    1,246
    Thanks
    1
    Thanked 5 Times in 5 Posts
    Well, this method might be ok if it is your own page and you can paste code into it. But are you asking for the case where it is a 3rd party site that has the meta refresh?

    As for the referrer sent by the user agent, there is some variation among user agents when it comes to meta refresh. There are 2 candidates for the referrer. The original page you came from (A) or the page with the meta refresh (B).

    Furthermore the referrer sent by user agent depends on whether it is a HTTP redirect or a META refresh.

    I tried on FF2, IE6 and Opera9. Here is what I got for the referrer.

    HTTP redirect
    -------
    FF2: A
    IE6: A
    OP9: B

    META refresh
    -------
    FF2: blank
    IE6: blank
    OP9: B


    A: original page
    B: redirecting/refreshing page
    Last edited by koyama; 01-04-2007 at 02:09 PM.

  • #5
    New Coder
    Join Date
    Sep 2006
    Posts
    66
    Thanks
    6
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by SELF_TAUGHT View Post
    Yes. There is a very simple way to do this. Here is how to do this.

    1st. The first page refers you to a second page.
    2nd. Have the second page get it's referrer and put that into a variable. and pass that variable along to the third page via the address bar.
    3rd. Have the third page get ITS referrer and use a GET statement to get the other referrer out of the addrss bar. You now have both referrers.

    If you would like I could take your pages and put that in there for you. Of course there would be a small price attached but it wouldn't be much given the fact that it would only be a couple lines of code I would have to add.
    WOW! 1st. I'm shocked too that you're trying to get me for some $$$.. .for some lines of code that I already have!!! Rediculous.
    2nd. Why would I need a 3rd page involved in this?

  • #6
    New Coder
    Join Date
    Sep 2006
    Posts
    66
    Thanks
    6
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by koyama View Post
    Well, this method might be ok if it is your own page and you can paste code into it. But are you asking for the case where it is a 3rd party site that has the meta refresh?
    Both are my pages.
    Quote Originally Posted by koyama View Post
    I tried on FF2, IE6 and Opera9. Here is what I got for the referrer.

    HTTP redirect
    -------
    FF2: A
    IE6: A
    OP9: B

    META refresh
    -------
    FF2: blank
    IE6: blank
    OP9: B

    A: original page
    B: redirecting/refreshing page
    Yes...I'm beginning to think that it can't be done... Only Opera gets it right...

    How about this? How can I get the previous page? Doesn't necessarily have to be the referring URL.

  • #7
    Senior Coder koyama's Avatar
    Join Date
    Dec 2006
    Location
    Copenhagen, Denmark
    Posts
    1,246
    Thanks
    1
    Thanked 5 Times in 5 Posts
    Well, if both of the pages are yours I think you could do something like this:
    PHP Code:
    <?php
    $ref1 
    urlencode($_SERVER['HTTP_REFERER']);
    $ref2 urlencode('http://'.$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']);
    echo 
    '<meta http-equiv="refresh" content="5;url=page2.php?ref1='.$ref1.'&amp;ref2='.$ref2.'">';
    ?>
    You should then have both referrers available through
    PHP Code:
    $_GET['ref1'/* very first referrer */
    $_GET['ref2'/* ordinary referrer */ 
    It is supposed to work in all browsers.

  • #8
    New Coder
    Join Date
    Sep 2006
    Posts
    66
    Thanks
    6
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by koyama View Post
    Well, if both of the pages are yours I think you could do something like this:
    PHP Code:
    <?php
    $ref1 
    urlencode($_SERVER['HTTP_REFERER']);
    $ref2 urlencode('http://'.$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']);
    echo 
    '<meta http-equiv="refresh" content="5;url=page2.php?ref1='.$ref1.'&amp;ref2='.$ref2.'">';
    ?>
    You should then have both referrers available through
    PHP Code:
    $_GET['ref1'/* very first referrer */
    $_GET['ref2'/* ordinary referrer */ 
    It is supposed to work in all browsers.

    I see... let me give that a try..

  • #9
    New Coder
    Join Date
    Sep 2006
    Posts
    66
    Thanks
    6
    Thanked 0 Times in 0 Posts
    having the referrer in the url makes it visible for the user to possibly hack into.

    Is there a way to pass the variables $ref1 and $ref2 so that they are hidden?

    (I know how to do it with a form but since there is no form involved, just a meta tag re-direct, is it possible??)
    Last edited by erdubya; 01-04-2007 at 07:37 PM.

  • #10
    Regular Coder
    Join Date
    Jun 2004
    Posts
    565
    Thanks
    0
    Thanked 18 Times in 18 Posts
    No, you can never be sure that any data from userland is valid.

    Even if you use a form with hidden inputs or the like, anybody could easily create a form with normal text inputs with the same name as your hidden inputs and target that form to your processing page. Then one could simply type in values as one likes and send it to your page.

    Any Javascript solution can also be circumvented / manipulated.

    You cannot prevent people from sending you bogus input.

    dumpfi
    "Failure is not an option. It comes bundled with the software."
    ....../)/)..(\__/).(\(\................../)_/)......
    .....(-.-).(='.'=).(-.-)................(o.O)...../<)
    ....(.).(.)("}_("}(.)(.)...............(.)_(.))Ż/.
    ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
    Little did the bunnies suspect that one of them was a psychotic mass murderer with a 6 ft. axe.

  • #11
    New Coder
    Join Date
    Sep 2006
    Posts
    66
    Thanks
    6
    Thanked 0 Times in 0 Posts
    I'm not trying to eliminate malicious activity... just trying to make it harder to do so.

    If I'm putting the variables in the URL, I'm basically giving away all my goodies...
    ===============================

    So is there a way to send $_POST variables without using a form or a link?

    OR...

    Is there a way to detect the PREVIOUS page...not necessarily the referring URL??

    That's all I'm trying to do here.


    Thanks!

  • #12
    Master Coder felgall's Avatar
    Join Date
    Sep 2005
    Location
    Sydney, Australia
    Posts
    6,634
    Thanks
    0
    Thanked 649 Times in 639 Posts
    Of course anything with referrers is dependent on your visitor allowing you access to that info in the first place. Many firewalls are configured to rewrite that dfield either with blanks or a contant text and some browsers allow you to turn off that field as well.
    Stephen
    Learn Modern JavaScript - http://javascriptexample.net/
    Helping others to solve their computer problem at http://www.felgall.com/

    Don't forget to start your JavaScript code with "use strict"; which makes it easier to find errors in your code.

  • #13
    Senior Coder
    Join Date
    Aug 2003
    Location
    One step ahead of you.
    Posts
    2,815
    Thanks
    0
    Thanked 3 Times in 3 Posts
    1) http://www.zend.com/zend/spotlight/mimocsumissions.php
    2) You could use sessions to track a user's last page on your site.
    I'm not sure if this was any help, but I hope it didn't make you stupider.

    Experience is something you get just after you really need it.
    PHP Installation Guide Feedback welcome.

  • #14
    New Coder
    Join Date
    Sep 2006
    Posts
    66
    Thanks
    6
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by marek_mar View Post
    1) http://www.zend.com/zend/spotlight/mimocsumissions.php
    2) You could use sessions to track a user's last page on your site.

    In the grand scheme of things... here's an example of my site's flow...

    [page1.php] ---> [page2.php] ----> [page3.php]

    Now, I'm trying to prevent the user from going directly to page2 or page3... even if they figure it out and type in page2.php or page3.php directly into their browsers, I want to be able to say:

    on page2.php
    if the previous page is NOT page1.php then
    do not show page2.php... instead, show some kind of error message and direct them back to page1.php

    on page3.php
    if the previous page is NOT page2.php then
    do not show page3.php... instead, show some kind of error message and direct them back to page1.php

    I now know that HTTP_REFERER is not suitable for this(earlier posts in the thread). How reliable are session variables in handling this situation?

    If I use sessions, is it possible that the user's browser/firewall/etc. can turn them off as well?

  • #15
    Senior Coder
    Join Date
    Aug 2003
    Location
    One step ahead of you.
    Posts
    2,815
    Thanks
    0
    Thanked 3 Times in 3 Posts
    Sessions use sessions id's (sid) to identify the user. The sid is either in a cookie or in the querystring (parto of the URL).
    In theory it is always possible to have the sid in the querystring, unless someone will be deleting it.
    You can restrict access to users with a new session (that is users without the session id will get a new session and sid).
    I'm not sure if this was any help, but I hope it didn't make you stupider.

    Experience is something you get just after you really need it.
    PHP Installation Guide Feedback welcome.


  •  
    Page 1 of 2 12 LastLast

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •