----- Original Message ----- From: "Sebastian" <sebastian@xxxxxxxxxxxxxxxxxxx> To: <php-general@xxxxxxxxxxxxx> Sent: Saturday, February 26, 2005 8:31 PM Subject: http referer > ok, so i made a file manager and i need to prevent people from linking > directly to files that do not come from another part of the site. > > i know i can use http_referer, but i wonder how fool proof it is, i dont > want to spit out errors to a legit user that actually came from a valid page > before trying to access the file url. some people have said http_referer is > not always accurate. Never rely on it. It might be not set at all, it's easy to spoof. I would think about sessions here. btw this topic has been discussed much, so you probably should STFA. > > any examples, snips, would be helpful. > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php