Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 5 of 5
  1. #1
    New Coder
    Join Date
    Apr 2005
    Posts
    14
    Thanks
    0
    Thanked 0 Times in 0 Posts

    How can I avoid an iframe to be called directly?

    I have an iframe in the middle of my site, and I dont want in anyway someone to directly address that iframe..

    How can this be possible??

    An idea may be passing a control variable from the main page to the iframe but someone still can open the iframe with including that variable at the end of the url..

  • #2
    Regular Coder
    Join Date
    Nov 2004
    Location
    The Netherlands
    Posts
    551
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Use authentication with php or use .htacces for this.

    Here's the php way.
    Or another easy one with sessions.
    CATdude about IE6: "All your box-model are belong to us"

  • #3
    Regular Coder
    Join Date
    Feb 2005
    Location
    West Midlands, UK
    Posts
    623
    Thanks
    0
    Thanked 0 Times in 0 Posts
    You could try something like this at the top of your iframe file:
    PHP Code:
    $mydomain 'yourdomain.com';
    if(
    strpos($_SERVER['HTTP_HOST'], $mydomain) === FALSE) {
        
    header('Location: http://www.yourdomain.com');

    The only problem is, because it's an iframe I'm not sure if $_SERVER will be populated with your server data or the data of the server belonging to the person linking it but you can test that pretty simply.

    If it does cause a problem you could probably solve it by using css overflow to create a virtual iframe and including the file instead (I'm pretty sure an included file gets the server data of the calling page, not it's own server data), but if it gets to that point you may as well look at authentication as an easier solution.

  • #4
    New Coder
    Join Date
    Apr 2005
    Posts
    14
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I think I will set up a session variable in the page calling the frame and then check that variable inside the frame..Seems an easy solution, thanks for your help

  • #5
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,994
    Thanks
    4
    Thanked 2,662 Times in 2,631 Posts
    Sessions are always the best route when passing data from page to page in your site. That includes blocking out things that can only be included or added to your pages. Go with that route, watch your session settings though, and test it with your cookies off (use_trans_sid is off by default in php.ini, which auto-appends your links).


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •