Steven Macintyre wrote:
Hi all,
http://steven.macintyre.name/myscript.phps
is my code as it stands
The purpose of the code is as follows;
Its for a non-profit company - wanting to offer "support" banners for users
who pay for them right ... as in donation.
They want to be able to restrict those banners to a certain period "the
bought period" and I want to restrict them to only access the banners from
the specified URL when they signed up.
IE ... if you signed up with http://www.yourlovelydomain.com i want to be
able to limit the display of these banners depending on the hash and somehow
- checking the domain its coming from
Any ideas - am i on the right track ?
If i take OUT the getenv if then, it works ... so i know that is where the
problem is.
S
First of all, be VERY MINDFUL of SQL-injection attacks. Right now your
code is *very* vulnerable. Now, your problem is exactly as you stated:
you don't get the data in the expected format. getenv ("REMOTE_HOST") is
NOT the referrer. Furthermore, the referrer (which I don't recall what
it is sent as exactly, as 'REFERER' I guess (usually gotten via $_SERVER
or $_ENV, but getenv() should also work)) is not 'just' the domain name
but also includes the path, so you have a huge chance that it won't be
exactly what you expect it to be. Parse the url (parse_url() is your
friend), extract the host and match against that.
- Tul
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
