try looking at sessions,
if they don't have a login session id send them to the login page otherwise they are
logged in so let them see the page.
works for me
Best Wishes & Happy New Year
Paul Roberts
[EMAIL PROTECTED]
++++++++++++++++++++++++
----- Original Message -----
From: "Scott Fletcher" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, January 15, 2003 9:07 PM
Subject: Re: [PHP] HTTP_REFERER work without a problem....
It's not a PHP bug. Many PHP programmer tried to their best to use
HTTP_REFERER so they can keep track of which webpages on the current website
did the user last visited. That way, they can keep out the unauthorized
access to the website without first logging in to the website.
Well, my company's website use both SSL and Session ID. They are good for
starter but they aren't any secure if anyone can make a direct access
without logging in. That's where I use HTTP_REFERER to see what last page
did he or she visited, if the last page being visited is outside of my
company's website then php moved the end user to the login page. It is
pretty effective.
The common problem with the browsers is that they aren't compactible so
HTTP_REFERER don't alway work right and sometime return a blank if those
three are being used. I had been observing it for a few years. Those three
are 1) HierMenus, 2) location.replace('') and 3) location.href=''. When
either one of these are in use, some browsers return with a blank in
HTTP_REFERER.
Cheers....
"Chris Shiflett" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> --- Scott Fletcher <[EMAIL PROTECTED]> wrote:
> > Here's what I found so interesting....
> >
> > This code, $_SERVER['HTTP_REFERER'] have worked without a
> > problem when I use the latest Mozilla build. It even work
> > with the HierMenus,
> location.replace('http://whatever.com'),
> > and location.href = http://whatever.com...
> >
> > This is a good news for PHP everywhere.
> >
> > Unfortunately, Internet Explorer still have this
> > bug.......
>
> What bug is that?
>
> Is there a question here somewhere? I think I am having a
> hard time interpreting it.
>
> Chris
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
