1

I have a form called form.html that follows through to comformation.html when a user submits it.

However, I don't want the user to be able to grab the comfirmation.html page URL and share it (eg. tweet it)

Can this be achieved by setting a session in the form.html and then have some kind of check on the comfirmation.html page to see if it's there?

So if someone else clicks on a link directly to comfirmation.html then he/she is re-directed to the form.

I think this is possible as I have seen examples when Googling about it. But I haven't seen any example where the session checking re-directs to another page (or does nothing if the session matches).

Thanks,

Lawrence

Lawrence
  • 149
  • 2
  • 2
  • 8
  • Maybe try some form of [url encryption](http://stackoverflow.com/questions/9542610/how-to-encrypt-the-url)? – SpYk3HH Nov 19 '12 at 00:43

2 Answers2

1

What if add such code at the confirmation.html?

var prevStage = "http://mysite.com/form.html";
if(prevStage != document.referrer) {
    window.location.href = prevStage;
}
Eugene Naydenov
  • 7,165
  • 2
  • 25
  • 43
  • Hi, what if I there are two possible previous pages? Can I add prevStage2 and have an OR operator in the bit below? – Lawrence Nov 20 '12 at 03:25
  • Sure you can, why not? Also you can check for previous stage on each step to be sure that user came to particular stage from previous one. – Eugene Naydenov Nov 20 '12 at 09:19
  • Hi, I've got a bit of problem now as one the possible previous pages contains an appended dynamic value to the URL (like a session ID). So I've been trying to base the check on the domain instead. But this doesn't seem to work: `var url = "mysite.com"` `var login = "mysite.com/login.html"` `var referrer = document.referrer.match(/:\/\/(.[^/]+)/)[1];` `if(url !== referrer ) {` ` window.location.href = login;` `}` The idea here (copied from another post here) is that referrer is determined by looking at the URL of the previous page but stripped of everything but the domain. – Lawrence Nov 20 '12 at 11:21
  • Apologies for the bad formatting of this comment. I can't do hard returns, it seems. – Lawrence Nov 20 '12 at 11:26
  • `document.referrer` returns an URL of a page where user came from or `undefined` if he opened the page in new window/tab of his browser. So the idea is user visited `http://site.com/stage1.html` and has been redirected to `stage2.html`, where you're checking is referrer equal to `http://site.com/stage1.html` URL or not and so on. – Eugene Naydenov Nov 20 '12 at 11:52
0

I think you can do this...

<html>
<head>
<script>


/* getUrlVars function from http://papermashup.com/read-url-get-variables-withjavascript/
*/
function getUrlVars() 
{
    var vars = {};
    var parts = window.location.href.replace(/[?&]+([^=&]+)=([^&]*)/gi, function(m,key,value) {
        vars[key] = value;
    });
    return vars;
}


/*
* getCookie and checkCookie function 
* credit http://www.w3schools.com/js/js_cookies.asp
*/

function getCookie(c_name)
{
    var i,x,y,ARRcookies=document.cookie.split(";");
    for (i=0;i<ARRcookies.length;i++)
    {
        x=ARRcookies[i].substr(0,ARRcookies[i].indexOf("="));
        y=ARRcookies[i].substr(ARRcookies[i].indexOf("=")+1);
        x=x.replace(/^\s+|\s+$/g,"");
        if (x==c_name)
            {
                return unescape(y);
            }
    }
}


function checkCookie()
{
    var getConfirmationID = getUrlVars('confirmationid'); 
    var confirmation =getCookie(getConfirmationID);
    if (confirmation!=null && confirmation!="")
    {
        alert("Page expired, redirecting....");
        window.location = "/originalForm.html";

    }
    else
    {
        /*
        * show the confirmation
        */
        document.getElementById('confirmationdata').innerHTML = '<p>'+confirmation+'</p>';

    }

  }
}
</script>
</head>
<body onload="checkCookie()">
    <div id='confirmationdata'></div>
</body>
</html>
virtuvious
  • 2,362
  • 2
  • 21
  • 22