What value holds the referrer url ?

[♥yesudo]

I have tried $_SERVER['HTTP_REFERER'] but it does not seem to work.

 

Help thanx.

[♥yesudo]

Now have:

 

$tapps_referer = "http://www.yesudo.com/";

// referer check
if (isset($tapps_referer) && $tapps_referer!="")
{
 $referer=$HTTP_SERVER_VARS['HTTP_REFERER'];
 if ($i=strpos($referer,"?"))
 {
	 $referer= substr($referer,0,$i);
 }
 if ($tapps_referer != $referer)
 {
	 header ("Location: index.php");
 }
 
}

 

but still doesn't work if referer is correct - i.e. http://www.yesudo.com/

[Mark Evans]

Does the HTTP_REFFER var actually have a value?

 

Take a look at

 

var_dump($_SERVER);

 

to see if its populated.

[♥yesudo]

I have tried echoing it and also other conertations but no luck - any idea what variable I should be looking at ?

[Mark Evans]

Your looking at the correct variable.. however how are you viewing the page?

 

The referrer var is only populated when a link is clicked and will be empty if you just view the page in the browser.

[♥yesudo]

Code now:

 

$tapps_referer = "http://www.yesudo.com/test/login.php";

// referer check
if (isset($tapps_referer) && $tapps_referer!="")
{
?$referer=$HTTP_SERVER_VARS['HTTP_REFERER'];
?if ($i=strpos($referer,"?"))
?{
?	$referer= substr($referer,0,$i);
?}
?if ($tapps_referer != $referer)
?{
?	header ("Location: index.php");
?}
?
}

 

So if you click Continue on this page:

 

http://www.yesudo.com/test/login.php

 

it should take you to:

 

http://www.yesudo.com/test/create_account.php but it takes you to index.php.

 

That should work shouldn't it Mark - or am I missing the point ?

 

Thanx.

[Guest]

Tried it and it took me to create account.

[♥yesudo]

Tried it and it took me to create account.

Very odd !!

 

Same for anyone else ?

 

Thanx.

[Aziz]

takes me to creat account .php

 

what browser are u using and what verison

 

salam

[♥yesudo]

ie 6.0.2800

[Guest]

worked in both netscape and ie.

[user99999999]

Not sure what your trying to do there but you might try saving this value at the very begining of your script because some php functions will erase it.

 

$referer=$HTTP_SERVER_VARS['HTTP_REFERER'];

 

This is what you shoud get from clicking the link above.

 

echo $HTTP_SERVER_VARS['HTTP_REFERER'];

-->http://www.oscommerce.com/forums/index.php?showtopic=88731

 

echo $HTTP_SERVER_VARS['REQUEST_URI'];

-->http://www.yesudo.com/test/login.php

[♥yesudo]

Thanx everyone.

 

Found out it was a privacy setting on Norton AV interfering. Working now.

[♥yesudo]

Hello Dave,

 

On a membership only site the member has to make a payment via paypal b4 creating an account.

 

The payment element of this can be circumvented if someone goes straight to the create_account screen - so am trying to stop this.

 

Am nearly there - Thanx.

[user99999999]

I dont think you can use referer for security purposes it can easily be spoofed.

 

<?php

$ch = curl_init();

curl_setopt($ch, CURLOPT_REFERER, "http://www.yesudo.com/test/login.php");
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt ($ch, CURLOPT_URL, "http://www.yesudo.com/test/login.php");

$result =curl_exec ($ch);
echo $result;

curl_close ($ch);
?>

[Guest]

try clearing your cache