Re: HTTP_REFERER or alternative

Álvaro G. Vicario wrote:
Jerry Stuckle escribió:
Álvaro G. Vicario wrote:
mrsmithq escribió:
I have a page that has this logic in it:

//We can call it access.php
if (!isset($_SESSION['user'])){
header("Location:index.php");
exit();
}

//Here is the index.php
echo "<br>" . $_SERVER['HTTP_REFERER'];


The index.php displays this when it is called from the access.php:
Notice: Undefined index: HTTP_REFERER in /usr/local/apache2-
development/htdocs/index.php on line

How can I go to access.php and then is the user object is not set, it
forwards me to the index page and the index page now knows where it
came from so that the index page acan follow some logic and return to
the access.php page?

Just add a new parameter:

$return = $_SERVER['REQUEST_URI'];
header('Location: http://example.com/index.php?return=' .
rawurlencode($return));



Even worse than using HTTP_REFERER.

The reason is not obvious to me (if it was, I would not have recommended it). Sites like Gmail and Yahoo do it this way:

https://www.google.com/accounts/ServiceLogin? ... continue=http%3A%2F%2Fmail.google.com%2Fmail%2F%3Fui%3Dhtml%26zy%3Dl

http://us.rd.yahoo.com/ ... done=http%3a//groups.yahoo.com

... so I never thought it could be so wrong. Can you elaborate on this?




Anyone can put anything in the URL.

Not only are Yahoo and GMail are using it for something entirely different, but "someone else is doing it" is NEVER a good reason. I don't care who it is.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@xxxxxxxxxxxxx
==================
.

Relevant Pages

  • Re: Damn eBay monkeys..
    ... Probably the same reason your career at Mickeysoft takes a dive if you ... I don't care if they don't allow gmail addresses. ... and it took a Yahoo address ok. ... I think you need to check your spam filters. ...
    (alt.marketing.online.ebay)
  • Re: Damn eBay monkeys..
    ... I finally figured it out - they don't allow gmail addresses for some reason. ... I don't know which is more furstrating - their nonsensical responses or not getting any response. ... I knew that, and thought of it even - but both my accounts are up to date on credit cards, and it took a Yahoo address ok. ...
    (alt.marketing.online.ebay)
  • Re: I have 3 HOTMAIL "free" accounts...why am i losing express???
    ... Correction -- I meant SMTP with authentication, which is what Gmail ... but what Yahoo does not use for some reason. ...
    (microsoft.public.windows.inetexplorer.ie6_outlookexpress)
  • Re: [opensuse] Enuff of the Unknown Sender and no (subject)
    ... Yahoo has been my main account for 20+ years. ... connection to OpenSuse in gmail. ... OpenSuse does not go through ... the same "Unknown sender ...
    (SuSE)
  • Re: Help-How do I import my Yahoo Folders to Gmail?
    ... Where are those folders you never mention so it could be folders shown in the message store for Outlook or folders defined in the webmail service at Yahoo and Gmail. ...
    (microsoft.public.outlook)