You can never fully rely on any information given to you by the browser.
You can't rely it being accurate or even being there at all. What I suggest
to you is code a solution around the IP address. The IP address of course,
like any information coming from the client, can be tampered with but more
than likely it's not going to change while the user is browsing your
website. Right? So you just use it as a temporary ID. Log the IP to the
database, track the IP's movements on your website, log those actions to a
database. That's the best way to do it without having to force the user to
login. If you're concerned about people browsing from network IP then code
a solution using Sessions and track the session id. And finally if you need
to know that a client has 'returned' to your website set a cookie on their
computer. I'm sure you'll find ways to elaborate from there. You can do
all of this without requiring the user to "login".
-Kevin
----- Original Message -----
From: "Scott Fletcher" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, January 15, 2003 2:07 PM
Subject: Re: [PHP] HTTP_REFERER work without a problem....
> It's not a PHP bug. Many PHP programmer tried to their best to use
> HTTP_REFERER so they can keep track of which webpages on the current
website
> did the user last visited. That way, they can keep out the unauthorized
> access to the website without first logging in to the website.
>
> Well, my company's website use both SSL and Session ID. They are good for
> starter but they aren't any secure if anyone can make a direct access
> without logging in. That's where I use HTTP_REFERER to see what last page
> did he or she visited, if the last page being visited is outside of my
> company's website then php moved the end user to the login page. It is
> pretty effective.
>
> The common problem with the browsers is that they aren't compactible so
> HTTP_REFERER don't alway work right and sometime return a blank if those
> three are being used. I had been observing it for a few years. Those
three
> are 1) HierMenus, 2) location.replace('') and 3) location.href=''. When
> either one of these are in use, some browsers return with a blank in
> HTTP_REFERER.
>
> Cheers....
>
> "Chris Shiflett" <[EMAIL PROTECTED]> wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > --- Scott Fletcher <[EMAIL PROTECTED]> wrote:
> > > Here's what I found so interesting....
> > >
> > > This code, $_SERVER['HTTP_REFERER'] have worked without a
> > > problem when I use the latest Mozilla build. It even work
> > > with the HierMenus,
> > location.replace('http://whatever.com'),
> > > and location.href = http://whatever.com...
> > >
> > > This is a good news for PHP everywhere.
> > >
> > > Unfortunately, Internet Explorer still have this
> > > bug.......
> >
> > What bug is that?
> >
> > Is there a question here somewhere? I think I am having a
> > hard time interpreting it.
> >
> > Chris
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
