Go Back   CodingForums.com > :: Server side development > PHP
Reload this Page session instead of referer

Before you post, read our: Rules & Posting Guidelines

Reply
 
Thread Tools Rate Thread
Enjoy an ad free experience by logging in. Not a member yet? Register.
Old 11-14-2003, 04:55 AM   PM User | #1
BroChris
Regular Coder

 
Join Date: Jun 2002
Location: Louisville, KY
Posts: 279
Thanks: 0
Thanked 0 Times in 0 Posts
BroChris is an unknown quantity at this point
session instead of referer
I've heard that it's better to use a session instead of checking the referer. What's the simplest way to do this? I just want to start a session on one page, and on the next make sure the session has been started in order to gain access, else be forwarded to a different page. Thanks in advance.
__________________
designsbychris.com
BroChris is offline   Reply With Quote
Old 11-14-2003, 10:14 AM   PM User | #2
firepages
Super Moderator


 
Join Date: May 2002
Location: Perth Australia
Posts: 3,890
Thanks: 5
Thanked 79 Times in 78 Posts
firepages will become famous soon enough
//page 1
PHP Code:
<?php
session_start();
$_SESSION['been_here_already'] = $_SERVER['REMOTE_ADDR'];
?>
//page2
PHP Code:
<?php
session_start();
if( $_SESSION['been_here_already'] != $_SERVER['REMOTE_ADDR'] ){
    header('location:page1.php');
}
?>
__________________
resistance is...

MVC is the current buzz in web application architectures. It comes from event-driven desktop application design and doesn't fit into web application design very well. But luckily nobody really knows what MVC means, so we can call our presentation layer separation mechanism MVC and move on. (Rasmus Lerdorf)
firepages is offline   Reply With Quote
Old 11-14-2003, 12:09 PM   PM User | #3
raf
Master Coder


 
Join Date: Jul 2002
Posts: 6,589
Thanks: 0
Thanked 0 Times in 0 Posts
raf will become famous soon enoughraf will become famous soon enough
But that Page2 code will always return False for AOL users (that get another IP for each request) and some users behind a proxy that does IP pooling.

Can't you just set a flag --> set a sessionvariable to whatever and then just check if it is set?

Page1:

<?php
session_start();
$_SESSION['cleared'] = 'yes';
?>

Page 2:
PHP Code:
<?php
session_start();
if( isset($_SESSION['cleared']){
  if ($_SESSION['cleared'] == 'yes') {
   // whatever
  } else {   
    header('location<img src="images/smilies/tongue.gif" border="0" alt="">age1.php');
  }
} else {
  //some redirect to a page where the session is cleared
}
?>
raf is offline   Reply With Quote
Old 11-14-2003, 01:27 PM   PM User | #4
firepages
Super Moderator


 
Join Date: May 2002
Location: Perth Australia
Posts: 3,890
Thanks: 5
Thanked 79 Times in 78 Posts
firepages will become famous soon enough
for each request ? I do not see how the HTTP protocol can even work if the IP changes on each request?

not that I disagree that the IP checking is probably overkill , just trying to give a full example .
__________________
resistance is...

MVC is the current buzz in web application architectures. It comes from event-driven desktop application design and doesn't fit into web application design very well. But luckily nobody really knows what MVC means, so we can call our presentation layer separation mechanism MVC and move on. (Rasmus Lerdorf)
firepages is offline   Reply With Quote
Old 11-14-2003, 01:41 PM   PM User | #5
raf
Master Coder


 
Join Date: Jul 2002
Posts: 6,589
Thanks: 0
Thanked 0 Times in 0 Posts
raf will become famous soon enoughraf will become famous soon enough
HTTP is stateless and since there isn't a persistent connection, the server just needs to know the IP of the client that made the request in order to send a response. So it doesn't matter if the same client has already sents 10 request with 10 differnent IP's.

It's exactly due to this stateless protocol that we need sessions so that we can 'identify' the client and we can group multiple requests. It's probably because of this IP-'fluidness' that sessions rely on the quersytring or session-cookie to identify the client.

I didn't know about these one-request-IP's either until 2 months ago.
http://www.codingforums.com/showthre...hlight=request
raf is offline   Reply With Quote
Reply

Bookmarks

Jump To Top of Thread


« Previous Thread | Next Thread »
Thread Tools
Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT +1. The time now is 10:35 AM.
Advertisement
Log in to turn off these ads.