I have a page that I don't want anyone to be able to link directly to. The
page should only be accessed from gatepage.php. I tried this code, but keep
getting errors - "header info already sent", or something like that... Am I
missing something, or is there a better way to do this?
<?php
$ref = $_SERVER["HTTP_REFERER"];
//echo $ref;
if ( $ref == 'http://www.mydomain.com/gatepage.php' )
{
//record visit
}
else
{
//send to gatepage.php
header("Location:http://www.somegatepage.com");
exit;
}
?>
Thanks. 9 28628
deko wrote: I have a page that I don't want anyone to be able to link directly to. The page should only be accessed from gatepage.php. I tried this code, but keep getting errors - "header info already sent", or something like that... Am I missing something, or is there a better way to do this?
<?php $ref = $_SERVER["HTTP_REFERER"]; //echo $ref; if ( $ref == 'http://www.mydomain.com/gatepage.php' ) { //record visit } else { //send to gatepage.php header("Location:http://www.somegatepage.com"); exit; } ?>
The error "headers already sent" means that you've outputted content before
sending HTTP headers. Check your PHP script for whitespace before <?php etc.
By the way, HTTP_REFERER is not reliable for determining where a user come from
as for example firewalls can prevent that kind of information from being sent.
You could however check if the referer starts with http:// but isn't http://www.mydomain.com/gatepage.php and then redirect them to the gateway page.
Regards,
Per Gustafson
>I have a page that I don't want anyone to be able to link directly to. The page should only be accessed from gatepage.php. I tried this code, but keep getting errors - "header info already sent", or something like that... Am I missing something, or is there a better way to do this?
If you wish to send headers (such as Location:) you must output
them before outputting ANYTHING else. Including the blank line
before <?php . Or a single space. Or any debug output (that
echo $ref will BREAK your script if it's uncommented).
^^blank line (invisible but deadly)<?php $ref = $_SERVER["HTTP_REFERER"]; //echo $ref; if ( $ref == 'http://www.mydomain.com/gatepage.php' ) { //record visit } else { //send to gatepage.php header("Location:http://www.somegatepage.com"); exit; } ?>
Incidentally, HTTP_REFERER is unreliable since it comes from the
user's browser. But it may be better than nothing. Or maybe not.
Lots of things filter HTTP_REFERER so it may break for users
who are trying to use gatepage.php .
Gordon L. Burditt
"deko" wrote: I have a page that I don’t want anyone to be able to link directly to. The page should only be accessed from gatepage.php. I tried this code, but keep getting errors - "header info already sent", or something like
that... Am I missing something, or is there a better way to do this?
<?php $ref = $_SERVER["HTTP_REFERER"]; //echo $ref; if ( $ref == ’http://www.mydomain.com/gatepage.php’ ) { //record visit } else { //send to gatepage.php header("Location:http://www.somegatepage.com"); exit; } ?>
Thanks.
Deko, the problem you are experiencing relates to some header
information having been sent before you did the redirect. Easy to fix:
just cache all the output via ob_start (see php manual).
The other way, less recommended, is to use a javascript redirect.
-- http://www.dbForumz.com/ This article was posted by author's request
Articles individually checked for conformance to usenet standards
Topic URL: http://www.dbForumz.com/PHP-redirect...ict135845.html
Visit Topic URL to contact author (reg. req'd). Report abuse: http://www.dbForumz.com/eform.php?p=453690
> By the way, HTTP_REFERER is not reliable for determining where a user come
from as for example firewalls can prevent that kind of information from being
sent. You could however check if the referer starts with http:// but isn't http://www.mydomain.com/gatepage.php and then redirect them to the gateway
page
Well, if HTTP_REFERER is unreliable, I may be asking for trouble. Perhaps
another option is to plant a cookie on the gateway page and then check for
it on the login page. This means the user's browser needs to be able to
process my cookie... do you think that's more reliable than HTTP_REFERER?
> If you wish to send headers (such as Location:) you must output them before outputting ANYTHING else. Including the blank line before <?php . Or a single space. Or any debug output (that echo $ref will BREAK your script if it's uncommented).
Thanks for the tip - that was it...
In article <cT*****************@newssvr21.news.prodigy.com> , deko wrote: I have a page that I don't want anyone to be able to link directly to. The page should only be accessed from gatepage.php. I tried this code, but keep getting errors - "header info already sent", or something like that... Am I missing something, or is there a better way to do this?
At gatepage.php you start a session, and you save the gatepage.php in
it. Now when the visitor moves on to foo.php you can check if
gatepage.php is in the session.
--
Tim Van Wassenhove <http://home.mysth.be/~timvw>
> At gatepage.php you start a session, and you save the gatepage.php in it. Now when the visitor moves on to foo.php you can check if gatepage.php is in the session.
Sounds good. I'm new to php and have not yet used sessions. Time to
learn...
deko wrote: By the way, HTTP_REFERER is not reliable for determining where a user come
from
as for example firewalls can prevent that kind of information from being
sent.
You could however check if the referer starts with http:// but isn't http://www.mydomain.com/gatepage.php and then redirect them to the gateway
page
Well, if HTTP_REFERER is unreliable, I may be asking for trouble. Perhaps another option is to plant a cookie on the gateway page and then check for it on the login page. This means the user's browser needs to be able to process my cookie... do you think that's more reliable than HTTP_REFERER?
You could eliminate the risk of locking out users (which I presume is what's
most important) by calculating some kind of checksum based on time and other
factors which aren't subject to change (HTTP_USER_AGENT is, for intance, seldom
changed) and then redirect the user with that checksum in a GET variable.
You could also combine cookies and HTTP_REFERER so you'd have a fall-back if
cookies aren't enabled.
There's actually a few different approaches depending on what you want to
achieve, what's most important (to get all users in okey which comes from the
gateway or to prevent those coming from other pages from getting in) and so on.
/p
-- http://www.pergustafsson.com/
> There's actually a few different approaches depending on what you want to achieve, what's most important (to get all users in okey which comes from
the gateway or to prevent those coming from other pages from getting in) and
so on.
Someone suggested using a session. I thought I might explore that. Other
suggestion? This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Google Mike |
last post by:
Imagine your web hosting provider just permitted you to type
*.mydomain.com and you still get to the mydomain.com website that they
host for you. Imagine you want to setup websites for your family...
|
by: AJ |
last post by:
Does anyone know how i can go about doing this?
Thanks,
|
by: ldixon789 |
last post by:
I'm trying to either redirect users to a new page or giving them an
alert message depending on the value of a cookie. I'm very new to
Javascript and would appreciate any advice on making the...
|
by: Andrew |
last post by:
I am looking for a simple JavaScript program that would redirect users
to one of two web pages based on the web page counter. For example,
when the counter is odd, the user would be redirected to...
|
by: jonathanthio |
last post by:
Do anyone knows how to redirect based on IP?
Things like if (user.ip=202.23.23.4){
window.location="go here"
}
|
by: neil_pat |
last post by:
I have a stored procedure which returns a value of between 0 and 4.
I want the user to press a button to receive feed back on their last input.
The save button takes the input and saves it to...
|
by: Trev |
last post by:
Hi everyone,
I'm trying to modify an existing piece of Javascript that will enable a
redirect to a page based
on IP address and/or keywords in the referrer; for instance,
redirecting an existing...
|
by: lm247 |
last post by:
Hi,
I have the following script which processes the html form and inserts into 3 tables. How can I pass the value of the variable EDSID to the next page using response.redirect?
Been trying to...
|
by: THG |
last post by:
So here is my story. I have one host, and many websites. So I need a redirect based on the request. Currently if someone types in some of my websites, such as comptutes.com or xboxachieve.com,...
|
by: ryjfgjl |
last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
| |