Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 2 of 2
03-08-2003, 08:18 PM #1
- Join Date
- Jul 2002
- Canada, eh?
- Thanked 3 Times in 3 Posts
Accessing a script from within it's domain!
How would I make a script accessable only if you clicked a link on a page, that was the same domain?
Ie. I made a PHP page, with a link to another PHP page, but it submits data, and I don't want you to be able to type the URL of the second page, into your browser, and then hit enter, and the page load. Instead, I want the page to put out an error, saying you can't access the page unless it's from the same server.
Did that make sense? well, anyways, I am unsure exactly how to do this, and I tried searching the PHP Manual ENDLESSLY, and it's all confusing -_-
Any help would be great.
03-09-2003, 01:08 AM #2
- Join Date
- May 2002
- Perth Australia
- Thanked 98 Times in 96 Posts
simplisticly you could ...
but note that HTTP_REFERER can be spoofed i.e someone can send that header via script if they wish & also not all browsers send the HTTP_REFERER variable , though most do.PHP Code:
if its not essential to keep people out then the above should work for most.
if it is then you need to setup some type of login & authentication OR set a session variable on your index page & check for its existance on subsequent pages.
MVC is the current buzz in web application architectures. It comes from event-driven desktop application design and doesn't fit into web application design very well. But luckily nobody really knows what MVC means, so we can call our presentation layer separation mechanism MVC and move on. (Rasmus Lerdorf)