cclloyd9785 Posted September 28, 2011 Share Posted September 28, 2011 Is it possible to make it so that if they come from any site other than a certain URL, the site won't show up? Link to comment Share on other sites More sharing options...
Synook Posted September 29, 2011 Share Posted September 29, 2011 Naively, you can check the Referer header using a server-side language, and do something if it doesn't match what you expect. However, it is pretty easy to fake the Referer header (and any request header, in fact), and so there is no foolproof way. Link to comment Share on other sites More sharing options...
cclloyd9785 Posted September 29, 2011 Author Share Posted September 29, 2011 I just want most of them to be only accessable if you visit it from one certain website (But any page on that website, not just one certain url, but any page on that site). Link to comment Share on other sites More sharing options...
Synook Posted September 30, 2011 Share Posted September 30, 2011 Yes, you still need to use the referer header. Say I was on the page at http://a.com/b.html, and clicked on a link which pointed to http://c.com/d.html. Then the referer header in the request sent to c.com would usually be "http://a.com/b.html". You could thus pattern match that to check whether "a.com" was part of the URL in the right place. Link to comment Share on other sites More sharing options...
cclloyd9785 Posted October 3, 2011 Author Share Posted October 3, 2011 You could'nt possible point me to an example/tutorial could you? I've googled and searched and found nothing. Link to comment Share on other sites More sharing options...
Synook Posted October 4, 2011 Share Posted October 4, 2011 There are several ways, you could do it using PHP and parse_url(): <?php if (!($url = parse_url($_SERVER['HTTP_REFERER']) && $url["host"] == "certainwebsite.com")) { die("or redirect, or something"); }?><!-- rest of page here --> You can also do this using Apache configuration files, though I can't remember how to off the top of my head. Link to comment Share on other sites More sharing options...
cclloyd9785 Posted October 5, 2011 Author Share Posted October 5, 2011 It seems to be not recognizing the site, either one. I tried adding an elseif statement to fix it not blocking its own site, but that didn't work. <?php if (!($url = parse_url($_SERVER['HTTP_REFERER']) && $url["host"] == "pokefarm.org")) {die("notfound.html");} elseif (!($url = parse_url($_SERVER['HTTP_REFERER']) && $url["host"] == "cclloyd.zxq.net")) {die("notfound.html");}?> Also how could I have it redirect to the notfound.html? I searched but there was no redirect function. Link to comment Share on other sites More sharing options...
Ingolme Posted October 6, 2011 Share Posted October 6, 2011 I think it should be something like this: $url = parse_url($_SERVER['HTTP_REFERER']);if(isset($url['host']) && ($url['host'] != 'pokefarm.org' || $url['host'] != 'cclloyd.zxq.net')) { header('Location: http://example.com/notfound.html'); // Location headers MUST be a complete URL exit;} Link to comment Share on other sites More sharing options...
cclloyd9785 Posted October 6, 2011 Author Share Posted October 6, 2011 When I have it as header, I get an error. When I have it as die, I do not. [b]Warning[/b]: Cannot modify header information - headers already sent by (output started at /www/zxq.net/c/c/l/cclloyd/htdocs/index.php:8) in[b]/www/zxq.net/c/c/l/cclloyd/htdocs/header.php[/b] on line [b]4 [/b] Line 4: header('Location: http://cclloyd.zxq.net/notfound.html'); Also I think we did this in reverse. It blocks it from those two sites when I want it to block all other sites, but I want those two sites to be the only ones that let you in, with all other sites blocked. Link to comment Share on other sites More sharing options...
thescientist Posted October 6, 2011 Share Posted October 6, 2011 the error is trying to tell you why. you must have some other form of output coming before the header. You cannot have any whitespace, echo's or the like happen before you can use header. if the logic is backwards right now, try and implement the opposite. Link to comment Share on other sites More sharing options...
Ingolme Posted October 6, 2011 Share Posted October 6, 2011 The thing is that die() doesn't redirect.If you write die("file.html") it's just going to print "file.html" and stop execution. Link to comment Share on other sites More sharing options...
cclloyd9785 Posted October 6, 2011 Author Share Posted October 6, 2011 Yea I know, and I would be willing to just put a message instead of my 404 page. I would still rather have it though. So is there any particular reason I'm getting that PHP error? And how would I reverse it to make those two sites the only ones allowed? Link to comment Share on other sites More sharing options...
Synook Posted October 7, 2011 Share Posted October 7, 2011 You get that error because, as thescientist says, you have output (e.g. spaces, HTML) before your PHP code (specifically, the <?php bit). And you just need to negate the statement to get your desired result. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.