TechQA.

How to prevent SERVER['HTTP_REFERER'] switches to the calling page?

900 views Asked by At

Please help. A link obtained by using $_SERVER['HTTP_REFERER'] in form.php like this:

<?php
$link = 'http://' . getenv('HTTP_HOST') . '/';
if (isset($_SERVER['HTTP_REFERER']) and !empty($_SERVER['HTTP_REFERER'])) {
$link = $_SERVER['HTTP_REFERER'];
$refData = parse_url($link); }
if($refData['host'] !== 'domain.com') {
die("server error"); }
?>

<p>Send this link - <?php echo htmlentities($page_url, ENT_QUOTES); ?></P> 

<input name="link" type="hidden" 
value="<?php echo htmlentities($page_url, ENT_QUOTES); ?>" />
<input type="submit" value="submit" />

When the form is submitted, the referer url switches to form.php. Is it something wrong with this code or Are there any specific ways to prevent the referer url from being switched?

php http-referer http-host getenv
Original Q&A
1

There are 1 answers

1
Max On

As the comments already pointed out, it works as it should.

You could use sessions to temporarily store the referrer there when the user comes to your site for the first time. 

<?php
session_start();

// ...

if( !isset($_SESSION['referrer']) ){
    $_SESSION['referrer'] =  parse_url($_SERVER['HTTP_REFERER']);
}

// ...

if( $_SESSION['referrer'] !== "domain.com"){
    die("Server Error");
}

Related Questions in PHP

Related Questions in HTTP-REFERER

Related Questions in HTTP-HOST

Related Questions in GETENV

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions