| Re: $referrer = $_SERVER['HTTP_REFERER'] echo [message #181975 is a reply to message #181971] |
Fri, 28 June 2013 20:03   |
bill
Messages: 310
Registered: October 2010
Karma:
|
Senior Member |
|
|
On 2013-06-28 3:26 PM, Jerry Stuckle wrote:
> On 6/28/2013 2:07 PM, Twayne wrote:
>> On 2013-06-27 5:52 PM, Jerry Stuckle wrote:
>>> On 6/27/2013 5:23 PM, Twayne wrote:
>>>> I have what's probably a simple and very basic question.
>>>>
>>>> My goal is to see where a visitor sending a form-email with mail() on
>>>> win 7 and XAMPP - PHP 5.3.5, came from. e.g. did he come here from the
>>>> right page or just barge into this page as his landing page?
>>>> My php.ini seems to be OK and I've not changed any other config
>>>> files. All other "If's" work OK and I'm now baffled.
>>
>> ...
>>
>>>
....
>>
>
> It is supplied by the user, and like anything user-supplied, can easily
> be spoofed. And some people don't even send it (I've heard Norton has
> an option to strip it, but haven't confirmed that fact).
No, it is NOT supplied by the user in this case. It is supplied by the
server of my website, and the only information I'm interested in is
whether the visitor came from the proper page on my website; nothing
else shall pass. You've said nothing to change my mind, but thanks anyway.
>
> Just because it exists and is correct on your system does NOT mean it
> exists or is correct when coming from other systems!
I have zero interest in "other systems", as I described previously.
On my server, not my "system". It's entirely server-side operations.
Others are reporting my scheme as a "good one" when considering
everything the forest contains; possibly even more than really needed.
>
> The bottom line is - it is user-supplied data, and you should NEVER
> trust user-supplied data.
like I said, it's not user-supplied.
The user knows nothing about it without some pretty clever attention to
the problem and hacking the server I use (NOT mine-standard, reputable
servers).
Thanks for the response, even if it was rather lacking in any detail
that I found useful.
Twayne`
>
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]