Prevent going to next record in the URL

[cabUK]

I am wondering about the best way to prevent users from going to the next record in a database by using the URL bar.So if I have this in the URL: www.site/items.php?itemno=2I want to prevent them from going to the url and typing in 3 etc.I am at a bit of a lose on this so any help would be appreciated.

[Matpatnik]

You can use a cookie or session to send a valid number and redirect them if it doesn't match but their is probably a better way of doing it.

[justsomeguy]

You can check the referer header, if it's blank then they probably typed the URL in. Keep in mind that's also going to stop people from emailing links to that page to other people or using bookmarks.

[cabUK]

You can check the referer header, if it's blank then they probably typed the URL in. Keep in mind that's also going to stop people from emailing links to that page to other people or using bookmarks.

Its ok for the linking etc. Its for a game so linking and bookmarking is not an issue.I will take a look at this and see how it goes.Thanks for the replies.

[Guest sven_s]

I would suggest, that you pass a random number as a second parameter, which can be created by php function rand(). Then you check for the number in your query (the number has to be stored in your database as well). So you can only view a record if the number matches as well. It's probably much safer that way as you'd have to "guess" the random number if you try to set the parameter in the URL manually.

[justsomeguy]

In that case it would be better to store it in the session rather then a database.

[cabUK]

thanks I will take a look.The way I have found is to compare the location of the shop to the location the player is in.But the random number sounds quicker.Thanks for the help so far guys.