Bob Burns wrote:
>Why not do something simple and more fool proof like:
>
>if (stripos($_SERVER["HTTP_REFERER"],"domain.com/index.php") !== false) {
> -------- we have a valid referrer with or without some leading or
>trailing characters
>}
>
>or the inverse
>
>if (stripos($_SERVER["HTTP_REFERER"],"domain.com/index.php") === false) {
> -------- we do not have a valid referrer
>}
>
>The "domain.com/index.php" being the smallest string necessary to be found
>or not in the URL to
>properly authenticate the source of the link.
>
>Just a thought.
>
>Bob
>
>
This might fail if the user uses an URL like:
http://www.some.other/url?haxor=domain.com/index.php
- Nebu
------------------------ Yahoo! Groups Sponsor --------------------~-->
$4.98 domain names from Yahoo!. Register anything.
http://us.click.yahoo.com/Q7_YsB/neXJAA/yQLSAA/saFolB/TM
--------------------------------------------------------------------~->
PHP Data object relational mapping generator - http://www.meta-language.net/
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/php-objects/
<*> To unsubscribe from this group, send an email to:
php-objects-unsubscribe@xxxxxxxxxxxxxxx
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/
