Hi
I have used the following script within a simple form email to prevent the form
being used from an external url.
<?php
$referer = $_SERVER['HTTP_REFERER'];
// Get the URL of this page
$myurl= "http://".$_SERVER['HTTP_HOST'].$_SERVER["REQUEST_UR I"];
// If the referring URL and the URL of this page don't match then
// display a message and don't send the email.
if ($referer != $myurl) {
echo "You do not have permission to use this script from another URL.</br>";
echo "Referer = $referer </br>";
echo "This url = $myurl</br>";
exit;
}
?>
I added the last 2 echo statements to see why there was always a mismatch and
the email was never sent and found that:
$referer = http://mydomain/myemailscript.php
while
$myurl = http://mydomain
I can easily get round the problem by amending as follows:
$myurl=$myurl . "/myemailscript.p hp" but is this correct? Is
$_SERVER['HTTP_REFERER'] returning correctly?
Regards
Dynamo
I have used the following script within a simple form email to prevent the form
being used from an external url.
<?php
$referer = $_SERVER['HTTP_REFERER'];
// Get the URL of this page
$myurl= "http://".$_SERVER['HTTP_HOST'].$_SERVER["REQUEST_UR I"];
// If the referring URL and the URL of this page don't match then
// display a message and don't send the email.
if ($referer != $myurl) {
echo "You do not have permission to use this script from another URL.</br>";
echo "Referer = $referer </br>";
echo "This url = $myurl</br>";
exit;
}
?>
I added the last 2 echo statements to see why there was always a mismatch and
the email was never sent and found that:
$referer = http://mydomain/myemailscript.php
while
$myurl = http://mydomain
I can easily get round the problem by amending as follows:
$myurl=$myurl . "/myemailscript.p hp" but is this correct? Is
$_SERVER['HTTP_REFERER'] returning correctly?
Regards
Dynamo
Comment