Re: how can I ensure a PAGE2.php is opened only after viewing PAGE1.php AND is opened in HTTPS?

From: Thi Nguyen (thihn_at_uci.edu)
Date: 11/20/03

• Next message: Manuel Lemos: "Re: PHP Classes suggestions (was Re: Recommendations for PHP Form Validation Script)"
• Previous message: Manuel Lemos: "Re: email, text files and accents"
• In reply to: Tom Thackrey: "Re: how can I ensure a PAGE2.php is opened only after viewing PAGE1.php AND is opened in HTTPS?"
• Next in thread: FLEB: "Re: how can I ensure a PAGE2.php is opened only after viewing PAGE1.php AND is opened in HTTPS?"
• Reply: FLEB: "Re: how can I ensure a PAGE2.php is opened only after viewing PAGE1.php AND is opened in HTTPS?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

Date: Wed, 19 Nov 2003 18:01:41 -0800

You could also look into the referer and see whether it came from
https://yourdomain.com/page1.php or not, etc etc

"Tom Thackrey" <use.signature@nospam.com> wrote in message
news:vuOub.32665$Hl4.15862@newssvr25.news.prodigy.com...
>
> On 19-Nov-2003, "NotGiven" <noname@nonegiven.net> wrote:
>
> > I have a web page where certain pages have to be opened in a certain
order
> > and should only be available when the user openes them in HTTPS.
> >
> > They are all forms and the form action sends you to the next https://
page
> > but you can also take the S out of https:// and it opens also. That's
> > what
> > I need to avoid as well as making certain they got to a certain page
FROM
> > a
> > certain page.
> >
> > When I try:
> > if (isset($_SERVER['HTTPS']!='on'))
> > it crashes and is not even listed on php.net as a valid variable.
>
> Either hide something in a field on the page that you check in the next
page
> (if your hidden field isn't in the $_POST array you know the user didn't
> come from that page) or use sessions.
>
> --
> Tom Thackrey
> www.creative-light.com
> tom (at) creative (dash) light (dot) com
> do NOT send email to jamesbutler@willglen.net (it's reserved for spammers)

---

• Next message: Manuel Lemos: "Re: PHP Classes suggestions (was Re: Recommendations for PHP Form Validation Script)"
• Previous message: Manuel Lemos: "Re: email, text files and accents"
• In reply to: Tom Thackrey: "Re: how can I ensure a PAGE2.php is opened only after viewing PAGE1.php AND is opened in HTTPS?"
• Next in thread: FLEB: "Re: how can I ensure a PAGE2.php is opened only after viewing PAGE1.php AND is opened in HTTPS?"
• Reply: FLEB: "Re: how can I ensure a PAGE2.php is opened only after viewing PAGE1.php AND is opened in HTTPS?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

Relevant Pages Re: how can I ensure a PAGE2.php is opened only after viewing PAGE1.php AND is opened in HTTPS? ... You could also look into the referer and see whether it came from ... > come from that page) or use sessions. ... > Tom Thackrey ... > do NOT send email to jamesbutler@willglen.net (it's reserved for spammers) ... (alt.php) Re: Schwarze FT QL (nicht FTb) ... Es gibt diverse Tricks, wie man dieses Feature ... z.B. über Sessions oder Referer umgehen kann, ... ist das blinde Vertrauen auf korrekte Referer ... (de.rec.fotografie)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(10)