At 12:27 AM 1/12/2012, Haluk Karamete wrote:
Because I got this
echo $_SERVER['HTTP_REFERER'];
I end up with this
Notice: Undefined index: HTTP_REFERER in
D:\Hosting\5291100\html\blueprint\bp_library.php on line 16
die;
Now, this is of course after the ?php error_reporting (E_ALL); ?
On Tue, April 18, 2006 12:49 pm, Yudie wrote:
Does anyone know how to resolve my problem
I tried to get the referer url with $_SERVER['HTTP_REFERER'] but
returns
blank when I use javascript: document.location='...' from the previous
page.
Don't do that.
:-)
More specifically, no browser is
-general@lists.php.net
Sent: Tuesday, April 18, 2006 4:16 PM
Subject: Re: [PHP] HTTP_REFERER with javascript: document.location
On Tue, April 18, 2006 12:49 pm, Yudie wrote:
Does anyone know how to resolve my problem
I tried to get the referer url with $_SERVER['HTTP_REFERER'] but
returns
address'
- Original Message -
From: Richard Lynch [EMAIL PROTECTED]
To: Yudie [EMAIL PROTECTED]
Cc: php-general@lists.php.net
Sent: Tuesday, April 18, 2006 4:16 PM
Subject: Re: [PHP] HTTP_REFERER with javascript: document.location
On Tue, April 18, 2006 12:49 pm, Yudie wrote:
Does
Its possible norton firewall OR your browser is altering the headers.
how are you redirecting, norton may not allow for some kind of
redirects either. Try turning norton off, and visiting the page :)
Jason
Shaun [EMAIL PROTECTED] wrote:
Hi,
I seem to have problems redirecting pages
Shaun wrote:
Hi,
I seem to have problems redirecting pages when I view my site using my
laptop, the only difference is that my laptop has Norton Firewall installed,
can this interfere with the $HTTP_REFERER variable and if so is there a more
reliable alternative?
Many firewalls and proxies can
Hi Jason,
Thanks for your reply, but really I need a solution that will allow me to
let users view the site without having to worry about any firewalls they
might have installed!!!
Jason Davidson [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
Its possible norton firewall OR your
On 05 August 2004 17:18, Shaun wrote:
Hi,
I seem to have problems redirecting pages when I view my site using my
laptop, the only difference is that my laptop has Norton
Firewall installed,
can this interfere with the $HTTP_REFERER variable
Not only can, does! Other firewalls or proxies
with a better solution if you tell us what you're trying to accomplish.
-Ed
-Original Message-
From: Shaun [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 05, 2004 9:26 AM
To: [EMAIL PROTECTED]
Subject: Re: [PHP] $HTTP_REFERER
Hi Jason,
Thanks for your reply, but really I need
* Thus wrote Shaun:
Hi,
I seem to have problems redirecting pages when I view my site using my
laptop, the only difference is that my laptop has Norton Firewall installed,
can this interfere with the $HTTP_REFERER variable and if so is there a more
reliable alternative?
The reliable way to
Steve Douville wrote:
I think I'm having a major brain fart here. Is there a $HTTP_REFERER
anymore? It doesn't show up as a server variable or anything at all in
phpinfo()... using php 4.3.4
Ideas?
TIA,
Steve
It has to be set to show up.
--
John C. Nichel
KegWorks.com
716.856.9675
[EMAIL
- Original Message -
From: John Nichel [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, June 04, 2004 2:51 PM
Subject: Re: [PHP] HTTP_REFERER
Steve Douville wrote:
I think I'm having a major brain fart here. Is there a $HTTP_REFERER
anymore? It doesn't show up as a server variable
Curt Zirzow wrote:
I guess soon firewall's are going to be pouring you cups of coffee
when it gets empty.
Curt
I hope they offer a Mt. Dew patch. ;)
--
John C. Nichel
KegWorks.com
716.856.9675
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit:
[snip]
if ($_SERVER['HTTP_REFERER'] == 'http://www.mysite.com/') {
// Stuff
}
Now why does this not work?
[/snip]
Have you echo'd $_SERVER['HTTP_REFERER'] ?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
I found this in the manual:
HTTP_REFERER'
The address of the page (if any) which referred the user agent to the
current page. This is set by the user agent. Not all user agents will set
this, and some provide the ability to modify HTTP_REFERER as a feature. In
short, it cannot really be trusted.
[EMAIL PROTECTED] wrote:
if ($_SERVER['HTTP_REFERER'] == 'http://www.mysite.com/') {
// Stuff
}
Now why does this not work?
I wanna asign varibales based on certain referers...
but this is not working?
Any ideas why?
What do you get when you echo out $_SERVER['HTTP_REFERER']?
--
John C. Nichel
Sadly, I get nothing...
the other server I'm talking to is owned by our company, it's a Lotus
Domino server...
so in theory, they'll be able to enable this variable to be passed?
John Nichel [EMAIL PROTECTED]
05/05/2004 17:07
To
[EMAIL PROTECTED]
cc
Subject
Re: [PHP] HTTP_REFERER
[EMAIL PROTECTED] wrote:
Sadly, I get nothing...
the other server I'm talking to is owned by our company, it's a Lotus
Domino server...
so in theory, they'll be able to enable this variable to be passed?
I can never remember one day to the other which it is, but I _think_
it's the browser which
John Nichel wrote:
[EMAIL PROTECTED] wrote:
Sadly, I get nothing...
the other server I'm talking to is owned by our company, it's a
Lotus Domino server... so in theory, they'll be able to enable this
variable to be passed?
I can never remember one day to the other which it is, but I
[snip]
some firewalls will change HTTP_REFERER to HTTP_WEFERER
[/snip]
That is not a firewall munge, that would be Elmer Fudd's server!
ROFLMFAO!
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
From: Pablo Gosse [EMAIL PROTECTED]
The following is quoted from a previous post by Chris Shifflet:
Referer is just as easy to spoof as the form data you're expecting.
wait, wait, wait... we CAN'T trust form data? Crap...
---John Holmes...
--
PHP General Mailing List (http://www.php.net/)
John W. Holmes wrote:
From: Pablo Gosse [EMAIL PROTECTED]
The following is quoted from a previous post by Chris Shifflet:
Referer is just as easy to spoof as the form data you're expecting.
wait, wait, wait... we CAN'T trust form data? Crap...
---John Holmes...
Maybe we CAN trust form data if we
* Thus wrote Pablo Gosse ([EMAIL PROTECTED]):
John Nichel wrote:
[EMAIL PROTECTED] wrote:
Sadly, I get nothing...
the other server I'm talking to is owned by our company, it's a
Lotus Domino server... so in theory, they'll be able to enable this
variable to be passed?
I can never
--- Josephin Tauschinger [EMAIL PROTECTED]
wrote:
Thank you Chris!
No problem. :-)
What I did was exactly what Pablo Gosse proposed and, as you stated,
it didn't work:
input type=hidden name=referrer value=?php echo
$_SERVER['HTTP_REFERER']; ?
Do you know how I can get my webserver
On Thursday, November 06, 2003 10:31 AM, Josephin wrote:
snip
xy.html ---form.html--formmailer.php
want the $HTTP_Referer or HTTP_URI, file only, (of xy.html)
--to be forwarded to form.html,
--to be converted in a variable,
--which is passed on to formmailer.php, which will use it as
--- Josephin [EMAIL PROTECTED] wrote:
am a newbie as of yesterday.
Welcome!
Can't figure out how to get the $HTTP_Referer (own domain) of the page
entering my form (html), convert it into a variable which is later
passed on to my formmailer.php for the $subject variable.
xy.html
* Thus wrote John Taylor-Johnston ([EMAIL PROTECTED]):
The problem is I noticed a friend was getting the hijacking message.
I had him clean his cache and reload, but no luck.
I wondered why he got that message, so I echoed $HTTP_REFERER to see what his IE6.x
was spewing out. The result
But the manual says that HTTP_REFERER is unreliable, so I'm
intrigued to know exactly what the problems are. Any ideas?
The HTTP_REFERER field is retrieved from the HTTP Referer: header as
used in the HTTP protocol. This field is set entirely by the client
browser / application retrieving the
As you are already using sessions, you can store the original page in a
session variable
rotsky wrote:
I have a small login form on the home page of my site. At the moment, when
people enter their user details and hit 'send', they go to another page
which check their details and, if they are
Anyone can send any referer (sic) header to your script. It shouldn't
be used for checking if someone is trying to hack the script, but it
should be find in your case.
rotsky wrote:
I've experimented using $_SERVER['HTTP_REFERER'] which seems to work here.
If the user enters valid login
- Original Message -
From: Tom Woody [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, March 10, 2003 9:53 AM
Subject: [PHP] HTTP_REFERER security implications?
I am working on a simple authentication script, where the user submits a
login and password, the credentials are checked
On 10-Mar-2003 Tom Woody wrote:
I am working on a simple authentication script, where the user submits a
login and password, the credentials are checked and the user is
redirected to another script. The new script checks the HTTP_REFERER
and if its the original script it continues, otherwise
On Thursday 16 January 2003 05:38, Scott Fletcher wrote:
Or worse, not substituting the characters in the Session ID. Just use the
same Session ID. What if there is leftover session file in the /tmp
directory of the Unix machine and we're dealing with hundred of users each
day. Some of
computer. I'm sure you'll find ways to elaborate from there. You can do
all of this without requiring the user to login.
-Kevin
- Original Message -
From: Scott Fletcher [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, January 15, 2003 2:07 PM
Subject: Re: [PHP] HTTP_REFE
--- Scott Fletcher [EMAIL PROTECTED] wrote:
Here's what I found so interesting
This code, $_SERVER['HTTP_REFERER'] have worked without a
problem when I use the latest Mozilla build. It even work
with the HierMenus,
location.replace('http://whatever.com'),
and location.href =
It's not a PHP bug. Many PHP programmer tried to their best to use
HTTP_REFERER so they can keep track of which webpages on the current website
did the user last visited. That way, they can keep out the unauthorized
access to the website without first logging in to the website.
Well, my
ar
Paul Roberts
[EMAIL PROTECTED]
- Original Message -
From: Scott Fletcher [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, January 15, 2003 9:07 PM
Subject: Re: [PHP] HTTP_REFERER work without a problem
It's not a PHP bug. Many PHP programmer tried to th
--- Scott Fletcher [EMAIL PROTECTED] wrote:
Many PHP programmer tried to their best to use
HTTP_REFERER so they can keep track of which
webpages on the current website did the user
last visited.
I think I see what you are referring to now.
The reason that many people (myself included)
I agree with you on that. Having something that is reliable is not a bad
idea. Anyway, this HTTP_REFERER script have been in use for 4 years and we
sometime very little have problem with it. It the HTTP_REFERER doesn't work
then all the user will experienced is a direct access attempt and be
---
From: Scott Fletcher [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, January 15, 2003 9:07 PM
Subject: Re: [PHP] HTTP_REFERER work without a problem
It's not a PHP bug. Many PHP programmer tried to their best to use
HTTP_REFERER so they can keep track of which webpage
[EMAIL PROTECTED] (Chris Shiflett) wrote:
--- Scott Fletcher [EMAIL PROTECTED] wrote:
Many PHP programmer tried to their best to use
HTTP_REFERER so they can keep track of which
webpages on the current website did the user
last visited.
I think I see what you are referring to now.
The
--- Scott Fletcher [EMAIL PROTECTED] wrote:
Or worse, not substituting the characters in the
Session ID. Just use the same Session ID. What if
there is leftover session file in the /tmp
directory of the Unix machine and we're dealing
with hundred of users each day. Some of those
session
That sound wonderful!!! I'm looking forward to hearing about this in the
near future...
Thanks,
Scott F.
Chris Shiflett [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
--- Scott Fletcher [EMAIL PROTECTED] wrote:
Or worse, not substituting the characters in
I understand. To combine the Session Id with HTTP_REFERER sound good but it
didn't work too well. I'm still open to idea... :-) Fortunately, not
many people know it because it is done behind the scene, so they'll have a
lot more to guess about what's working behind the scene.
Christoph
Here's one way I can do, I checked the session id in the HTTP_REFERER and
grab the existing session id in the database table. This is still not an
effective method.
Christoph Grottolo [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
[EMAIL PROTECTED] (Chris
Weird. When I plugged them straight into the query, it worked. Thanks
again for the help. Solved a major problem for me.
-Original Message-
From: listman@evol [mailto:listman@evol]On Behalf Of Keith Vance
Sent: Wednesday, August 28, 2002 10:51 PM
To: Lon Lentz
Subject: RE: [PHP
Have you checked that your user is indeed coming from
http://www.somedomain.com/index.html;? There are lots of other ways
to load your homepage:
http://xxx.xxx.xxx.xxx/index.html; (ip address, not domain)
http://www.somedomain.com/;
http://www.somedomain.com;
http://xxx.xxx.xxx.xxx;
On Monday, March 25, 2002, at 02:52 PM, tom hilton wrote:
This is working fine for most users, but one user is telling me that
even
though she is following the link from the index page, she's still
getting
the error message, and are being bounced back to the index page. She
is
Try accessing the variable: $HTTP_REFERER
without specifying the array. it works for me
-Original Message-
From: tom hilton [mailto:[EMAIL PROTECTED]]
Sent: Monday, February 18, 2002 12:25 PM
To: [EMAIL PROTECTED]
Subject: [PHP] http_referer
Hi,
I am trying to pull http_referer
In PHP4.1 or later, try:
echo $_SERVER['HTTP_REFERER'];
Erik
Erik Price
Web Developer Temp
Media Lab, H.H. Brown
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
hi
reasons why it couldn't be set:
the url was typed directly
some browser don't send referer information
other (like opera 5.12) send a wrong value
you shouldn't rely on HTTP_REFERER too much
regards
hassan el forkani
http://WarmAfrica.com
23/11/2001 11:55:04, Jordan Elver [EMAIL
Hi Jord,
You don't need to get HTTP_REFERER, in order to know what the client
requested! And every browser stores some other info in HTTP_REFERER...
The filename that was reqested is stored in $REQUEST_URI
Best,
Sebastian
Hi,
I'm writing a 404 handler and in order to report the item that was
Hi,
I'm writing a 404 handler and in order to report the item that
was requested
I was trying to get the value of HTTP_REFERER. But, it does seem
to get set.
Does anyone know how to find thi value? Is there a reason why it
would not
get set?
Hi
I think you're looking for this
On Friday 23 November 2001 13:39, you wrote:
Are you using it as
$HTTP_SERVER_VARS[REQUEST_URI]
or
$REQUEST_URI
?
Well, I think I'm buggered then because i just tried to use both and they
both report the same value :-(
Back to the drawing board.
I had the same problem using the
Hi,
When I use HTTP_REFERER it gives me the name of the php script which is
handling the 404's?!
Should that happen?
Jord
On Friday 23 November 2001 11:41, you wrote:
Hi,
I'm writing a 404 handler and in order to report the item that
was requested
I was trying to get the value of
Hi,
When I use HTTP_REFERER it gives me the name of the php script which is
handling the 404's?!
Should that happen?
As someone put in one of the other reply's don't rely on HTTP_REFERER.
This is set (or not) by the browser and they all have different ideas about
they want to play ball with
at our site, we built the error trapping that you are wanting to build.
here is a snippet of what we used.
PSID: (. PSID .)\n.
Page: ($GLOBALS[REQUEST_URI])\n.
As refered from: ($GLOBALS[HTTP_REFERER])\n.
Browser Platform: ($GLOBALS[HTTP_USER_AGENT])\n.
like
if ($HTTP_REFERER == certain host) {
do finalise code
}
On Fri, 17 Aug 2001, Erich Zigler wrote:
I am working on the last half of an Online Signup page for an ISP.
There is a local .php page on the webserver that actually finalizes the
addition of the user, but ONLY if
Sorry missed a bit you'll just need to ereg out the hostname from
HTTP_REFERER - take everything after http:// and before /...
Nick.
On Fri, 17 Aug 2001, Erich Zigler wrote:
I am working on the last half of an Online Signup page for an ISP.
There is a local .php page on the webserver that
Probably best to read stuff first ;)
try preg_match
preg_match(/^(http:\/\/)?([\/]+)/i, $HTTP_REFERER, $hostname);
the hostname will be in $hostname[2]
Hope it helps.
On Fri, 17 Aug 2001, Nick Davies wrote:
Sorry missed a bit you'll just need to ereg out the hostname from
HTTP_REFERER
On Fri 17 Aug 2001, Nick Davies wrote:
Probably best to read stuff first ;)
try preg_match
preg_match(/^(http:\/\/)?([\/]+)/i, $HTTP_REFERER, $hostname);
the hostname will be in $hostname[2]
Hope it helps.
Thanks. But is using $HTTP_REFERER the most secure way of doing it? Or can
the
According to the spec:
$HTTP_REFERER
The address of the page (if any) which referred the browser to the
current page. This is set by the user's browser; not all browsers will set
this.
So if it is set by the user's browser, it can be changed, or shut off.
I believe there are programs
Hello,
i'm not sure i would worry too much about the referrer.. if your 'add
account' script has decent error checking, it shouldn't matter if the user
creates their own form.
-jesse
--
Jesse Arnett [EMAIL PROTECTED]
SISCOM Inc http://www.siscom.net/
Southern Ohio's Superior Internet Service
I have a frameset that runs on a SSL enabled server that has two frames in it.
One of the source is the local machine and the other one is a (outsourced
asp !!) script in another machine without SSL.
The non SSL one requires HTTP_REFERER to make sure it was hit from the
authorized server.
Bug in IE? PHP doesn't even enter the picture here. The HTTP_REFERER
variable is defined by the web server if that information is provided by
the browser.
No, it's not really a PHP thing, it's more HTML stuff.
I suspect that the error comes because one of the server is not running
SSL, so IE
HTTP_REFERER work ONLY clicking a link which brings you to a page in the
SAME window.
this value comes from your browser and it is very unreliable
Sincerely,
Maxim Maletsky
Founder, Chief Developer
PHPBeginner.com (Where PHP Begins)
[EMAIL PROTECTED]
www.phpbeginner.com
-Original
//echo $test."br";
"//" . Without the remark, the code work but I get the error message
stating
Warning: Cannot add header information - headers already sent by
(output
started at test.php) in test.php on line **
Yes.
A header is called a header because it comes
67 matches
Mail list logo