Wrox Programmer Forums

Need to download code?

View our list of code downloads.

Go Back   Wrox Programmer Forums > PHP/MySQL > Pro PHP
Password Reminder
Register
Register | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read
Pro PHP Advanced PHP coding discussions. Beginning-level questions will be redirected to the Beginning PHP forum.
Welcome to the p2p.wrox.com Forums.

You are currently viewing the Pro PHP section of the Wrox Programmer to Programmer discussions. This is a community of tens of thousands of software programmers and website developers including Wrox book authors and readers. As a guest, you can read any forum posting. By joining today you can post your own programming questions, respond to other developersí questions, and eliminate the ads that are displayed to guests. Registration is fast, simple and absolutely free .
DRM-free e-books 300x50
Reply
 
Thread Tools Display Modes
  #1 (permalink)  
Old January 4th, 2005, 02:26 PM
Registered User
 
Join Date: Jan 2005
Location: , , .
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Default refering url

Hi,

How can I get the refering page's url with php script.

I tried this:

if (!isset($_SERVER['HTTP_REFERER'])) {
 $referer = "No Referer";
}
else {
 $referer = $_SERVER['HTTP_REFERER'];
}

It's working, but it's just get the requested url in my page.

I need refering page's url. Is it possible?

xZs

Reply With Quote
  #2 (permalink)  
Old January 4th, 2005, 02:32 PM
richard.york's Avatar
Wrox Author
Points: 5,506, Level: 31
Points: 5,506, Level: 31 Points: 5,506, Level: 31 Points: 5,506, Level: 31
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Jun 2003
Location: Camby, IN, USA.
Posts: 1,706
Thanks: 0
Thanked 6 Times in 6 Posts
Default

It is $_SERVER['HTTP_REFERER']

But, remember that there is no refering page if you load up the page directly. It is also possible to spoof the HTTP_REFERER, since this is provided by the browser. So it shouldn't be relied upon too heavily. And a third variable, the name of the variable may change depending on your HTTP server, that should work if the HTTP server is Apache. It may be the same for IIs, Xitami, etc, but I'm not sure.

HTH!

Regards,
Rich

--
[http://www.smilingsouls.net]
Mail_IMAP: A PHP/C-Client/PEAR solution for webmail
Author: Beginning CSS: Cascading Style Sheets For Web Design
Reply With Quote
  #3 (permalink)  
Old January 4th, 2005, 02:47 PM
Registered User
 
Join Date: Jan 2005
Location: , , .
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Default

spoof the HTTP_REFERER (???)

Reply With Quote
  #4 (permalink)  
Old January 4th, 2005, 03:03 PM
richard.york's Avatar
Wrox Author
Points: 5,506, Level: 31
Points: 5,506, Level: 31 Points: 5,506, Level: 31 Points: 5,506, Level: 31
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Jun 2003
Location: Camby, IN, USA.
Posts: 1,706
Thanks: 0
Thanked 6 Times in 6 Posts
Default

Certainly. In fact any information a browser provides can be spoofed. I could write a robot, in PHP in fact, that announces I am Firefox 1.0 or MSIE 6 and just came from a URL on your site, when really I am an evil spam bot harvesting email addresses or malware of some kind launching a DOS attack, or something else equally as evil. That information (User agent string and referring url) is sent in the HTTP request headers. Not terribly difficult information to forge for the motivated programmer.

One possible use of the HTTP_REFERER variable is to ensure that a form has been posted from a page on the same website. This is done to keep malware from posting to the form from elsewhere, or to prevent DOS attacks, or whatever else a hacker might do. However, it is a pretty flimsy authentication that is easily bypassed.

It can also be pretty useful for other more benign things too though. For instance forwarding requests from a dynamic 404 error page. Remembering the URL that requested a login page, so that after login the user can be sent back to that page.

Regards,
Rich

--
[http://www.smilingsouls.net]
Mail_IMAP: A PHP/C-Client/PEAR solution for webmail
Author: Beginning CSS: Cascading Style Sheets For Web Design
Reply With Quote
  #5 (permalink)  
Old January 4th, 2005, 06:15 PM
Authorized User
 
Join Date: Dec 2004
Location: , , United Kingdom.
Posts: 44
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via MSN to colin.horne
Default

Another use for it is in sessions.

I made a session class that passed the session ID (SID) from page to page without the need for cookies and without the need to append the SID to the end of every URL in the page.

How it works:

When a user logs in (or otherwise begins their session) they are redirected to a page with the SID amended to the end of the URL. When they click on a link, the requested page gets the SID from the HTTP_REFERER URL, and redirects the user to $_SERVER['PHP_SELF']."?SID=$sid".

In theory it allowed users with cookies disabled to be able to use sessions, even if the webmaster didn't manually add the SID to the end of each URL, but it would cause infinite loops if someone had both cookies AND HTTP_REFERERs turned off in their browser (it's possible to stop your browser from sending the HTTP_REFERER when it requests pages).

If you're interested to see just what your browser is sending to web pages, then you might consider running a packet sniffer (such as ethereal) while you request a page. You can also go to http://www.colinhorne.co.uk/~colin/p...fined_vars.php (view the pages source), to see all the variables that are set when you view my webpage.

You'll probably be most interested in the $_SERVER array.

Cheers

--
Please contact me at:
Colin (dot) Horne (at) gmail (dot) com
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Refering Different versions of same assembly anubhav.kumar .NET Framework 1.x 0 March 26th, 2007 06:37 AM
problem about refering subreport bbqlee Access 1 July 3rd, 2006 07:37 AM
Chapter 9 - Which table are the samples refering ? gyazgan BOOK: Professional SQL Server 2005 Integration Services ISBN: 0-7645-8435-9 0 May 29th, 2006 01:05 PM
refering url xzsolti PHP How-To 2 January 4th, 2005 02:44 PM
Looping Form Generation - Refering to Controls IP076 Pro PHP 1 December 10th, 2004 07:13 PM



All times are GMT -4. The time now is 05:48 AM.


Powered by vBulletin®
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.