Hello and welcome to our community! Is this your first visit?
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 2 of 2
  1. #1
    Regular Coder
    Join Date
    Jul 2002
    Canada, eh?
    Thanked 3 Times in 3 Posts

    Accessing a script from within it's domain!

    How would I make a script accessable only if you clicked a link on a page, that was the same domain?

    Ie. I made a PHP page, with a link to another PHP page, but it submits data, and I don't want you to be able to type the URL of the second page, into your browser, and then hit enter, and the page load. Instead, I want the page to put out an error, saying you can't access the page unless it's from the same server.

    Did that make sense? well, anyways, I am unsure exactly how to do this, and I tried searching the PHP Manual ENDLESSLY, and it's all confusing -_-

    Any help would be great.

  • #2
    Super Moderator
    Join Date
    May 2002
    Perth Australia
    Thanked 101 Times in 99 Posts
    simplisticly you could ...

    PHP Code:
    but note that HTTP_REFERER can be spoofed i.e someone can send that header via script if they wish & also not all browsers send the HTTP_REFERER variable , though most do.

    if its not essential to keep people out then the above should work for most.

    if it is then you need to setup some type of login & authentication OR set a session variable on your index page & check for its existance on subsequent pages.
    resistance is...

    MVC is the current buzz in web application architectures. It comes from event-driven desktop application design and doesn't fit into web application design very well. But luckily nobody really knows what MVC means, so we can call our presentation layer separation mechanism MVC and move on. (Rasmus Lerdorf)


    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts