Hey there, is there like a PHP script to stop people coming from somewhere else such as just from typing the url into the browser. But only able to view the site if they were directed from another page on the site.

If you could tell me if this is possible and where I could find code to do this, then that would be great.

- T.

Hey there, is there like a PHP script to stop people coming from somewhere else such as just from typing the url into the browser. But only able to view the site if they were directed from another page on the site.

If you could tell me if this is possible and where I could find code to do this, then that would be great.

- T.

yh

$_SERVER[HTTP_REFERER]

yh

$_SERVER[HTTP_REFERER]


<?php

if($_SERVER[HTTP_REFERRER] == "url") {

page here

}else{
exit("Access Denied");
}
?>

But be aware people can quite easily spoof it.

If you want it to allow someone who was directed from any url it would be:

if( $_SERVER[HTTP_REFERRER] == NULL ) {
. die('soz no access');\
} else {

}

But be aware people can quite easily spoof it.
Any like security I could add, ect?

Sorry for double post, but the limit has just expired!
None of the above seem to work for me, and what I want is like;

if( $_SERVER[HTTP_REFERRER] == "pagea.php" ) {
SHOW THE PAGE, otherwise..
} else {
exit("Sorry, you need to follow the correct url.");
}

Sorry for double post, but the limit has just expired!
None of the above seem to work for me, and what I want is like;

if( $_SERVER[HTTP_REFERRER] == "pagea.php" ) {
SHOW THE PAGE, otherwise..
} else {
exit("Sorry, you need to follow the correct url.");
}

I think it has to be an absolute url. If that still doesn't work try changing $_SERVER[HTTP_REFERRER] to $_SERVER['HTTP_REFERRER']. There is no way of stopping it from being spoofed. You could add a cookie on pagea.php and check for it on pageb.php instead.

If you're serious about this I would try to HTTP referrer method and the cookie method - that way people will only get through if they can really be bothered :P

KK thanks.
Thread closed.

But be aware people can quite easily spoof it.

Yeh hes right. People can just visit say paymentfinished.php and even if it denies them, they type in the link to your site and it counts as they have:p

use htaccess?



SetEnvIfNoCase Referer http://example\.com allow_download
Order Deny,Allow
Allow from env=allow_download
Deny from all
Also i used it for a counter strike server the sv_downloadurl to only allow users on my server to connect to my web server to download files, so it may not work, you'll have to see.

Imo, if you know how to, PHP is good for it.

I have never used .htaccess for it :P

KK thanks.
Thread closed.
Contact a member of the site to close the forum thread.

Contact a member of the site to close the forum thread.

We won't close them, you must have VIP

To tell you the truth this might be handy in the future days for others, therefore I would say keep it open anyway.

We won't close them, you must have VIP

Thankyou for your comments :)

Thankyou for your comments :)
Thank you for your comments.

Thank you for your comments.

Lol, my EngLish is beter then urs.


It was a personal joke between me and Robbie! you silly monkey.

Lol, my EngLish is beter then urs.


It was a personal joke between me and Robbie! you silly monkey.
I still laughed sorry.

I would not rely on HTTP Referrer as some security software and browsers can be configured to remove this from HTTP requests.

I've sorted this now. Thanks anyway.