470,849 Members | 1,081 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 470,849 developers. It's quick & easy.

calling url.

Hello,

Is it possible, with php, to figure out what the "calling url" is ?

Let's say I have a track.html (with some php code) and if someone
clicks on a link to track.html I want to see the url where that visitor
came from.

can that be done ?

thanks,

Ron
May 8 '06 #1
3 2011
On Mon, 08 May 2006 09:52:36 -0500, Ron Croonenberg wrote:
Hello,

Is it possible, with php, to figure out what the "calling url" is ?

Let's say I have a track.html (with some php code) and if someone clicks
on a link to track.html I want to see the url where that visitor came
from.

can that be done ?


Not 100% reliably (it's up to the browser to send it) but check out
$_SERVER["HTTP_REFERER"]

Cheers,
Andy

--
Andy Jeffries MBCS CITP ZCE | gPHPEdit Lead Developer
http://www.gphpedit.org | PHP editor for Gnome 2
http://www.andyjeffries.co.uk | Personal site and photos

May 8 '06 #2
>Is it possible, with php, to figure out what the "calling url" is ?

Let's say I have a track.html (with some php code) and if someone
clicks on a link to track.html I want to see the url where that visitor
came from.

can that be done ?


$_SERVER['HTTP_REFERER'] can be used BUT it's sent by the browser
so it can easily be faked or deleted. This is one of the most
mucked-with variables on the web, even more than cookies. Many
Windows firewalls delete it and their owners couldn't re-enable it
to save their lives (even though that setting is usually in there
somewhere). CURL provides a way to send a fake one. And, of course,
a fake one can be sent by manually typing HTTP headers into telnet.

If you're trying to use it to get an idea where visitors come from,
it might work well enough for your purposes. If you're trying to
prevent references to images on your site from other sites, it's
easy to defeat and it will break your site for legitimate users.
If you think it's a way to detect bots, it's doomed to failure. If
you think it's a way to secure your site with Javascript input
parameter checking only on YOUR form and you can prevent people
from copying your form and altering it, your security is hopelessly
broken.
Gordon L. Burditt
May 8 '06 #3
Neah not trying to do anything fancy like that

Just wanted to see (a bit) where users were coming from
thanks...

Gordon Burditt wrote:
Is it possible, with php, to figure out what the "calling url" is ?

Let's say I have a track.html (with some php code) and if someone
clicks on a link to track.html I want to see the url where that visitor
came from.

can that be done ?

$_SERVER['HTTP_REFERER'] can be used BUT it's sent by the browser
so it can easily be faked or deleted. This is one of the most
mucked-with variables on the web, even more than cookies. Many
Windows firewalls delete it and their owners couldn't re-enable it
to save their lives (even though that setting is usually in there
somewhere). CURL provides a way to send a fake one. And, of course,
a fake one can be sent by manually typing HTTP headers into telnet.

If you're trying to use it to get an idea where visitors come from,
it might work well enough for your purposes. If you're trying to
prevent references to images on your site from other sites, it's
easy to defeat and it will break your site for legitimate users.
If you think it's a way to detect bots, it's doomed to failure. If
you think it's a way to secure your site with Javascript input
parameter checking only on YOUR form and you can prevent people
from copying your form and altering it, your security is hopelessly
broken.
Gordon L. Burditt

May 9 '06 #4

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

1 post views Thread by Asapi | last post: by
8 posts views Thread by Muthu | last post: by
7 posts views Thread by Klaus Friese | last post: by
5 posts views Thread by Nick Flandry | last post: by
3 posts views Thread by Mike | last post: by
2 posts views Thread by Geler | last post: by
47 posts views Thread by teju | last post: by
7 posts views Thread by =?Utf-8?B?UVNJRGV2ZWxvcGVy?= | last post: by
10 posts views Thread by sulekhasweety | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.