Add multiple referrer links

Question

I protect page from being access and can only access it by a referrer page, here is my code on landing page

<?php 
// request file coming from test referrer
    if(stristr($_SERVER['HTTP_REFERER'],"http://aqsv.com/sites2/testreffer/tp1.php"))
{
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>
<h1>Test Landing Page 1</h1>
</body>
</html>
<?php
}
// redirect to redirect.php
else  {
header("Location: http://aqsv.com/sites2/testlander/redirect.php");
}
?>

and this is the referrer page

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Test Refererrer 1</title>
</head>

<body>
<h1>Test Refererrer 2</h1>
<a href="http://aqsv.com/sites2/testlander/lp1.php">Link me to landing page1</a>
</body>
</html>

this work perfectly on single referrer page only, what i want to do is to have multiple referrer page to access the page , Im new to php and really dont have any idea to do this.. I tried adding http referrer using if else like this

<?php 
// request file coming from test referrer
if(stristr($_SERVER['HTTP_REFERER'],"http://aqsv.com/sites2/testreffer/tp1.php"));
elseif(stristr($_SERVER['HTTP_REFERER'],"http://aqsv.com/sites2/testreffer/tp2.php"))
        {
?>

but the second link is not working. Any help would be highly appreciated. Thanks

You have a semi-colon in `testreffer/tp1.php"));` <= *the buck stops here*. — Funk Forty Niner, Aug 19 '14 at 03:30
It should be noted if you're going to use this in a public facing website that browsers can be explicitly told never to send referrer headers for privacy reasons. — siva.k, Aug 19 '14 at 03:31
Sidenote: [**Using `HTTP_REFERER` isn't reliable**](http://stackoverflow.com/a/6023980/) - *"Don't rely on it for any serious purpose."* — Funk Forty Niner, Aug 19 '14 at 03:38
Thanks for answering Fred, Im really new to php and this is the only way i think is the best to avoid accessing the landing page. — labli, Aug 19 '14 at 03:46

score 0 · Accepted Answer · edited Aug 19 '14 at 03:33

0

You can take an array containing all your valid referrer domain. E.g.

<?php
$valid_domains = array(
    'domain1',
    'domain2',
    'domain3'
);

// The checking for valid domain
if ( in_array($_SERVER['HTTP_REFERER'], $valid_domains) )
{
?>
Your HTML goes here....
<?php
}
?>

Please see http://php.net/manual/en/function.in-array.php

Hope the idea will help you.

edited Aug 19 '14 at 03:33

Barmar

741,623
53
500
612

answered Aug 19 '14 at 03:31

anupam

756
5
11

Thank u so much for answering that fast @Barmar. Works perfect now! I really learned a lot on php by asking questions here :) Thanks again! – labli Aug 19 '14 at 03:42

score 0 · Answer 2 · answered Aug 19 '14 at 03:32

The syntax if if/elseif... is:

if (something) {
    body
} elseif (somethingelse) {
    body
}

But you have no body for your if, only for the elseif, so nothing happens in that case.

Since you want the same body for all your tests, you should just use a single if with multiple conditions connected by OR:

if (stristr($_SERVER['HTTP_REFERER'],"http://aqsv.com/sites2/testreffer/tp1.php") ||
    stristr($_SERVER['HTTP_REFERER'],"http://aqsv.com/sites2/testreffer/tp2.php")) {
    ...
}

Another way you can do this is by putting all the allowed referers in an array, and then doing:

if (in_array(strtolower($_SERVER['HTTP_REFERER']), $allowed_referers)) {
    ...
}

I use strtolower() to make it case-insensitive, like your original tests.

Add multiple referrer links

2 Answers2