Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 6 of 6

Thread: Page to Page

  1. #1
    Regular Coder
    Join Date
    Sep 2007
    Posts
    264
    Thanks
    19
    Thanked 0 Times in 0 Posts

    Page to Page

    How can I make it so if a user who did not come from topic.php can not access the download.php page. I have information being passed from the topic.php page to the download page and I don't want them being able to access it without it being passed.

  • #2
    Senior Coder Dormilich's Avatar
    Join Date
    Jan 2010
    Location
    Behind the Wall
    Posts
    3,253
    Thanks
    12
    Thanked 341 Times in 337 Posts
    check for the required information and deny the access, if not provided. you could also try the referrer header, but I remember it being not always sent.
    The computer is always right. The computer is always right. The computer is always right. Take it from someone who has programmed for over ten years: not once has the computational mechanism of the machine malfunctioned.
    André Behrens, NY Times Software Developer

  • #3
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,987
    Thanks
    4
    Thanked 2,660 Times in 2,629 Posts
    You can use a session for this. The only alternative is to detect the $_SERVER['HTTP_REFERER'], but this is provided via client side, so it is spoofable. At least with the session, you can mostly control this.
    Its simply a matter of setting the referrer on the topic.php page into a session, then detecting it on download.php.
    PHP Code:
    // topic.php
    <?php
    session_start
    ();
    $_SESSION['referrer'] = 'topic';
    ... do 
    stuffs.
    ?>

    //download.php
    <?php
    session_start
    ();
    if (!isset(
    $_SESSION['referrer']) || $_SESSION['referrer'] != 'topic')
    {
        die (
    'Invalid page!');
        
    // or do something, redirect whatever
    }

    .. do 
    stuffs.
    ?>
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 

  • #4
    Regular Coder
    Join Date
    Sep 2007
    Posts
    264
    Thanks
    19
    Thanked 0 Times in 0 Posts
    How long is the session suppose to last? Cause after one test it worked, but after that I can consistently get back into the page without using topic.php.
    Last edited by IFeelYourPain; 02-16-2010 at 06:00 AM.

  • #5
    Senior Coder Dormilich's Avatar
    Join Date
    Jan 2010
    Location
    Behind the Wall
    Posts
    3,253
    Thanks
    12
    Thanked 341 Times in 337 Posts
    then you obviously would have to delete the session referrer variable after using it.
    The computer is always right. The computer is always right. The computer is always right. Take it from someone who has programmed for over ten years: not once has the computational mechanism of the machine malfunctioned.
    André Behrens, NY Times Software Developer

  • #6
    Supreme Master coder! _Aerospace_Eng_'s Avatar
    Join Date
    Dec 2004
    Location
    In a place far, far away...
    Posts
    19,291
    Thanks
    2
    Thanked 1,043 Times in 1,019 Posts
    Quote Originally Posted by Dormilich View Post
    then you obviously would have to delete the session referrer variable after using it.
    e.g.
    PHP Code:
    //download.php
    <?php
    session_start
    ();
    if (!isset(
    $_SESSION['referrer']) || $_SESSION['referrer'] != 'topic')
    {
        die (
    'Invalid page!');
        
    // or do something, redirect whatever
    }
    unset(
    $_SESSION['referrer']); // deletes the session.
    .. do stuffs.
    ?>
    ||||If you are getting paid to do a job, don't ask for help on it!||||


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •