Topic awaiting preservation: Restringe access (Page 1 of 1) $Pages that link to <a href="https://ozoneasylum.com/backlink?for=12434" title="Pages that link to Topic awaiting preservation: Restringe access (Page 1 of 1)" rel="nofollow" >Topic awaiting preservation: Restringe access <span class="small">(Page 1 of 1)</span>\$

Wakkos Maniac (V) Mad Scientist From: Azylum's Secret Lab Insane since: Oct 2000	posted 09-19-2002 18:48 Hello! (again) I have a client that wants to implement this SMS system: he has a web site, there is a page with info (scripts) and you can acces to them if you send a message through your movile phone to a number, then you will receive a pass to access the zone. Ok, my work is the next: I have to provide a formulary to enter the pass, that formulary will be executed in the SMS company (i have nothing to do with that) and they check the pass and send the user to my private page. The problem comes when the people access to that page, if they know the URL the page they can acces just entering the URL and go there, what I did was to check the referer, but it's not working: code: if ($SERVER["HTTP_REFERER"] == "http://www.site.com/form.php") { } else { header("Location:http://www.site.com/error"); } I added that to the private page, but it goes to the error page, It was working before, but I dunno why is not working now. How can I print the Referer, so I know if the referer is the form page or any other? OR.... Do you know a better way to implement this?
bitdamaged Maniac (V) Mad Scientist From: 100101010011 <-- right about here Insane since: Mar 2000	posted 09-19-2002 18:53 So wait you're supposed to restrict access based on a username/password validation done on another site? .:[ Never resist a perfect moment ]:.
Wakkos Maniac (V) Mad Scientist From: Azylum's Secret Lab Insane since: Oct 2000	posted 09-19-2002 18:56 Nop, I just want the people to access if they come from "http://www.site.com/form.php"
InI Paranoid (IV) Mad Scientist From: Somewhere over the rainbow Insane since: Mar 2001	posted 09-19-2002 19:19 The poster has demanded we remove all his contributions, less he takes legal action. We have done so. Now Tyberius Prime expects him to start complaining that we removed his 'free speech' since this message will replace all of his posts, past and future. Don't follow his example - seek real life help first.
bitdamaged Maniac (V) Mad Scientist From: 100101010011 <-- right about here Insane since: Mar 2000	posted 09-19-2002 19:41 You're first code should work but you need to use the "_" underscore before SERVER $_SERVER['HTTP_REFERER'] if that doesn't do it, the _SERVER variable is relatively new. So if you have an older version of php use the $HTTP_SERVER_VARS['HTTP_REFERER'] variable. This will work with newer versions as well even though it has deprecated. .:[ Never resist a perfect moment ]:. [This message has been edited by bitdamaged (edited 09-19-2002).]
Wakkos Maniac (V) Mad Scientist From: Azylum's Secret Lab Insane since: Oct 2000	posted 09-20-2002 08:48 Now works! thanks InI and Bitdamage ( I added the "_" )

Topic awaiting preservation: Restringe access (Page 1 of 1) $Pages that link to <a href="https://ozoneasylum.com/backlink?for=12434" title="Pages that link to Topic awaiting preservation: Restringe access (Page 1 of 1)" rel="nofollow" >Topic awaiting preservation: Restringe access <span class="small">(Page 1 of 1)</span>\$

Wakkos
Maniac (V) Mad Scientist

From: Azylum's Secret Lab
Insane since: Oct 2000

posted 09-19-2002 18:48

Hello! (again)

I have a client that wants to implement this SMS system:

he has a web site, there is a page with info (scripts) and you can acces to them if you send a message through your movile phone to a number, then you will receive a pass to access the zone.

Ok, my work is the next:

I have to provide a formulary to enter the pass, that formulary will be executed in the SMS company (i have nothing to do with that) and they check the pass and send the user to my private page.

The problem comes when the people access to that page, if they know the URL the page they can acces just entering the URL and go there, what I did was to check the referer, but it's not working:

code:

if ($SERVER["HTTP_REFERER"] == "http://www.site.com/form.php")

      {

          }

  else

      {

      header("Location:http://www.site.com/error");

            }

I added that to the private page, but it goes to the error page, It was working before, but I dunno why is not working now.

How can I print the Referer, so I know if the referer is the form page or any other?

OR.... Do you know a better way to implement this?

bitdamaged
Maniac (V) Mad Scientist

From: 100101010011 <-- right about here
Insane since: Mar 2000

posted 09-19-2002 18:53

So wait you're supposed to restrict access based on a username/password validation done on another site?

.:[ Never resist a perfect moment ]:.

Wakkos
Maniac (V) Mad Scientist

From: Azylum's Secret Lab
Insane since: Oct 2000

posted 09-19-2002 18:56

Nop, I just want the people to access if they come from "http://www.site.com/form.php"

InI
Paranoid (IV) Mad Scientist

From: Somewhere over the rainbow
Insane since: Mar 2001

posted 09-19-2002 19:19

The poster has demanded we remove all his contributions, less he takes legal action.
We have done so.
Now Tyberius Prime expects him to start complaining that we removed his 'free speech' since this message will replace all of his posts, past and future.
Don't follow his example - seek real life help first.

bitdamaged
Maniac (V) Mad Scientist

From: 100101010011 <-- right about here
Insane since: Mar 2000

posted 09-19-2002 19:41

You're first code should work but you need to use the "_" underscore before SERVER

$_SERVER['HTTP_REFERER']

if that doesn't do it, the _SERVER variable is relatively new. So if you have an older version of php use the $HTTP_SERVER_VARS['HTTP_REFERER'] variable. This will work with newer versions as well even though it has deprecated.

.:[ Never resist a perfect moment ]:.

[This message has been edited by bitdamaged (edited 09-19-2002).]

Wakkos
Maniac (V) Mad Scientist

From: Azylum's Secret Lab
Insane since: Oct 2000

posted 09-20-2002 08:48

Now works! thanks InI and Bitdamage ( I added the "_" )