0

main site : perfectwp.com/index.php Code

<font size="5">Hello this is my main site</font><br/>

<font size="5">to visit my secondry site <a href="http://perfectwp.site" target="_blank">click here</font></a>

secondary site : perfectwp.site/index.php code

<?php
if(!isset($_SERVER['HTTP_REFERER'])){
    // redirect them to your desired location
    header('location:404.php');
    exit; } ?>

<font size="5">Hi Welcome to my Secondry site you are coming from my main site 
<br/><br/><br/>watch video below</font> <br/><br/><br/>

<iframe width="560" height="315" src="https://www.youtube.com/embed/-i0OIy5zSrs" frameborder="0" allow="accelerometer; autoplay; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe>

if visitor is redirecting through main site he gets secondary site content but if user is trying to access secondary site directly returns 404. and this is working now.

The question is if user is redirecting from main site how we can set cookies or session for him. or how we can tell browser do not check this restriction for this user on next visit

[i request to admin please do not hide my question i really really need help]

Bilal
  • 23
  • 4
  • Does this answer your question? [Cross-Domain Cookies](https://stackoverflow.com/questions/3342140/cross-domain-cookies) – Janick Koder Jan 10 '20 at 10:58

1 Answers1

0

You cannot directly set cookies for another domain. The only way to achieve what you want would be Third Party Cookies. However, that is not guaranteed to work as browsers like Firefox might be configured to ignore third party cookies.

This would work like this: create a file on the 2nd site (e.g. perfectwp.site/track.php):

<?php
setcookie('from_perfectwp_com',  date('Y-M-D H:i:s'), time() + (86400 * 365), "/");

header('Content-Type: application/javascript');
// make sure this isn't cached:
header("Expires: on, 01 Jan 1970 00:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
// output will be empty
?>

Then include it in perfectwp.com/index.php (1st site) as a JavaScript source:

<script src="https://perfectwp.site/track.php"></script>

Assuming track.php is never called from anywhere else but the 1st site, you can assume that if the cookie is set, the user must have visited the 1st site at least once. After this, in your perfectwp.site/index.php, you can check for the presence of the 'from_perfectwp_com' cookie:

if (!isset($_COOKIE['from_perfectwp_com'])) {
    header('location:404.php');
    exit; } ?>

Again: this is not guaranteed to work due to possible third party cookie restrictions depending on the client's browser.

Damocles
  • 1,287
  • 1
  • 7
  • 9