Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

I'm bulding a web site and I do not want others to link to my pages. I
can use on every sinle page the http_referer to detect who's the
referer and decide if I have to give access or not...some peoples are
using javascript to redirect there visitors to my site.

Problem is if other sites redirect visitors using javascript and the
visitor browser is Internet Explorer, i am getting blank

I tried...

$HTTP_REFERER = getenv("HTTP_REFERRER"); getting blank in IE only

$HTTP_REFERER = $_SERVER("HTTP_REFERRER"); getting blank in IE only

Can you help me to solve my problems.



Quoted text here. Click to load it

That's unusual.  Many people pay for search engine optimization, which
often involves getting people to link to your site.

Quoted text here. Click to load it

Since the information is coming from the browser, it's not dependable
and is of questionable use for security purposes.

Note also that some users and/or ISPs have filters that block referer
information and that in some cases, the users can't turn it off
even if their lives depended on it.  You'll probably end up blocking
legitimate users of your site.

Quoted text here. Click to load it

Speling counts.  Make up your mind whether you're using HTTP_REFERER

Quoted text here. Click to load it
Speling counts.

Speling counts.  Also, isn't that supposed to be $_SERVER["HTTP_REFERER"]
(note brackets, not parens)?

Quoted text here. Click to load it

Are you sure it won't work if you spell correctly?


Quoted text here. Click to load it

As Gordon says "spelling counts". "there" should be "their". In
programming as in English grammar, if you don't take the trouble to
spell correctly, don't expect the results to be any good.

Also as Gordon says, you are on a hiding to nothing trying to meet
your stated aim. I would suggest you password protect the site and
then only authorised people will get there.



Quoted text here. Click to load it

That's how the internet thingy works :)  If you really want to protect
content you need some kind of login system.

I wouldn't use http_referer.  Use a session variable and point people
at your front door if it's not present.

Note, this will only protect pages, not images.  To stop people
linking to them you will have to employ other methods.
Geoff Berrow
It's only Usenet, no one dies.
My opinions, not the committee's, mine.
Put thecat out to email


Quoted text here. Click to load it

It's possible to make a PHP script that checks for a valid login
or session and then conditionally serves up an image, using such
functions as header("Content-type: image/jpeg"), and readfile().
Link to that script as though it's an image - as far as the browser
is concerned, it is one.  Put the real image somewhere outside the
document tree so the only link to the image is the PHP script.  Some
people put images in databases, and you could extract the image and
output it, but only after the login check.

You can serve up different images depending on whether it's an
unwanted link or not.  Perhaps they get a relevant graph if they
are logged in and gory autopsy pictures if they are not.  On the
other hand, realize that mistakes will happen, and if the boss will
get seriously upset at autopsy pictures, better not use them.  Maybe
you use a picture of a pirate with a red circle and slash.  Or use
a small image that looks like the browser "broken image" icon.

Here's an example script.  It has been edited from a script that
executes gnuplot with data from a database to generate graphs on
the fly (which results in an image in a file).  The image file
should be *outside* the document tree.  The length test is used
because something can go wrong in gnuplot (syntax errors in the
commands or data it doesn't like) in generating the image.

    /* perform login check */
    /* set $name to name of image file to serve up */
    /* based on result of login check */
    /* don't output stuff for testing; it will mess up the image */

    $length = filesize($name);
    if ($length > 0) {
        /* change line below for type of image */
        header("Content-type: image/png");
        header("Content-length: $length");
    } else {
        /* A zero-length image means something screwed up */
        header("Content-type: text/plain");
        echo "Pirating images is a no-no";
    /* Optional:  unlink($name); if $name is a temporary file */


Quoted text here. Click to load it

That's not the right way to solve your problem. Have a google for


Site Timeline