ok, so i made a file manager and i need to prevent people from linking
directly to files that do not come from another part of the site.
i know i can use http_referer, but i wonder how fool proof it is, i dont
want to spit out errors to a legit user that actually came from a valid page
before
- Original Message -
From: Sebastian [EMAIL PROTECTED]
To: php-general@lists.php.net
Sent: Saturday, February 26, 2005 8:31 PM
Subject: [PHP] http referer
ok, so i made a file manager and i need to prevent people from linking
directly to files that do not come from another part
Sebastian wrote:
ok, so i made a file manager and i need to prevent people from linking
directly to files that do not come from another part of the site.
i know i can use http_referer, but i wonder how fool proof it is, i dont
want to spit out errors to a legit user that actually came from a valid
For some reason, the following if statement isn't working. Maybe I haven't
had enough coffee to drink or maybe I've had too much - what am I missing?
if ($efa != nm || $HTTP_REFERER !=
http://www.globalhealth.org/news/article.php3?id=1526;){
do this);
}
Thank you, Shawna
--
PHP General
if ($efa != nm || $HTTP_REFERER !=
http://www.globalhealth.org/news/article.php3?id=1526;){
do this);
}
Not sure what the exact problem is as you haven't been all that
descriptive as to what the values are or what is happening, but
you should know that $HTTP_REFERER can't be trusted. You
Calgary, Alberta, Canada
T2P 4L4
(403) 781-4948
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Thursday, December 13, 2001 7:58 AM
To: [EMAIL PROTECTED]
Subject: [PHP] http referer problems
For some reason, the following if statement isn't working. Maybe I
Dear folks
I was told that http referer can tell me where the user come from. But it does not
work all the time, is there anything else that work better than this?
Jack
[EMAIL PROTECTED]
Love your enemies, it will drive them nuts
Hi,
I've got a problem with the HTTP_REFERER. I'll explain it to you now.
I've got a site where I can't logon to to change some things. That site
checks the HTTP_REFERER variable and if it matches with what's in the MySQL
db it passes you through.
Now I've got a site which has to have access
8 matches
Mail list logo