remove page referrer

11/09/2007, 09h40

Shahrzad wrote:
> I have 2 page ,when I go from first page to second page , I don't want the user can back to first page where it come from. is there any way to do this in php ? to remove or disactive $_SERVER["HTTP_REFERER"] in php?

No, this is not something the server (where PHP lives) can control.

Why do you think you need to do this?

-Stut

--
http://stut.net/

11/09/2007, 10h05

You can not control this, but you might be able to control the page
where the user is going back through the third page

like this:

page 1: submit to page 2
page 2: header('Location: /page 3');
page 3: the final page

if the user clicks back he is going to end up on page 2 which has
location redirect to page 3. True?

-Xander

Stut wrote:
> Shahrzad wrote:
>> I have 2 page ,when I go from first page to second page , I don't
>> want the user can back to first page where it come from. is there any
>> way to do this in php ? to remove or disactive
>> $_SERVER["HTTP_REFERER"] in php?
>
> No, this is not something the server (where PHP lives) can control.
>
> Why do you think you need to do this?
>
> -Stut
>

11/09/2007, 10h54

Please include the list when replying.

Shahrzad wrote:
> Mercyyy Stut for your reply,

No problem.

> For the reason of sessions ,,,, I want no one can back to previous
> page,if somebody temptates to do that, either this error occur :
> "HTTP/1.0 404 Not Found" or that page reload again .
> Can I do this with javaScript or something else?

There are some nasty evil hacks that can achieve this, but you really
don't want to.

There are two possible solutions to your problem...

1) Write your code in such a way that it doesn't matter if someone goes
back to a previous page and resubmits it.

2) Use the session to keep track of what page the user is on. That way
if they do hit the back button you can tell them they've not allowed to
do that and provide a link to the page they should be one.

The first option is the best because the second is very poor UI design.

Is there a reason why the user cannot go back to a previous page? What
is technically stopping you handling that situation?

-Stut

--
http://stut.net/

11/09/2007, 14h45

Shahrzad wrote:
> Hi all, I have 2 page ,when I go from first page to second page , I
> don't want the user can back to first page where it come from. is
> there any way to do this in php ? to remove or disactive
> $_SERVER["HTTP_REFERER"] in php?
>

Shahrzad, i'm assuming that you want to do this to protect against
duplicate form submissions. If that's the case, this article may be of
some use:

Redirect after POST
http://www.theserverside.com/tt/arti...irectAfterPost

brian

11/09/2007, 14h52

On 9/11/07, Stut <stuttle@gmail.com> wrote:
> Please include the list when replying.
>
> Shahrzad wrote:
> > Mercyyy Stut for your reply,
>
> No problem.
>
> > For the reason of sessions ,,,, I want no one can back to previous
> > page,if somebody temptates to do that, either this error occur :
> > "HTTP/1.0 404 Not Found" or that page reload again .
> > Can I do this with javaScript or something else?
>
> There are some nasty evil hacks that can achieve this, but you really
> don't want to.
>
> There are two possible solutions to your problem...
>
> 1) Write your code in such a way that it doesn't matter if someone goes
> back to a previous page and resubmits it.
>
> 2) Use the session to keep track of what page the user is on. That way
> if they do hit the back button you can tell them they've not allowed to
> do that and provide a link to the page they should be one.
>
> The first option is the best because the second is very poor UI design.
>
> Is there a reason why the user cannot go back to a previous page? What
> is technically stopping you handling that situation?
>
> -Stut
>
> --
> http://stut.net/
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

What about the following?

L> page1.php
<?
session_start();
if($_SESSION['already_submitted'] == True) {
header("Location: page2.php");
}
// Continue with your existing code from the first page.
?>

L> page2.php
<?
session_start();
$_SESSION['already_visited'] = True; // Set this now.
// Continue with the rest of your code from the second page.
?>

For as long as that session remains active, any time the user
attempts to reload that page, they'll be forwarded to a page of your
choice (in this case, page2.php). If you absolutely want a 404 error,
you can either spoof one or legitimately create one --- by forwarding
them to a page that does not and will not ever exist on your server.
Not a very elegant solution, but it will work.

--
Daniel P. Brown
[office] (570-) 587-7080 Ext. 272
[mobile] (570-) 766-8107

Give a man a fish, he'll eat for a day. Then you'll find out he was
allergic and is hospitalized. See? No good deed goes unpunished....

11/09/2007, 16h26

At 10:04 AM +0430 9/12/07, Shahrzad wrote:
>Hi all,
>I have 2 page ,when I go from first page to second page , I don't
>want the user can back to first page where it come from. is there
>any way to do this in php ? to remove or disactive
>$_SERVER["HTTP_REFERER"] in php?
>
>Thanks

Didn't someone recently ask this question?

In any event, from what you described above, try this below.

http://webbytedd.com/bb/one-time/

This uses sessions -- you cannot return to this page until you
restart your browser. It's a simple session variable check.

Cheers,

tedd

--
-------
http://sperling.com http://ancientstones.com http://earthstones.com

11/09/2007, 19h16

Hi,
> You can not control this, but you might be able to control the page
> where the user is going back through the third page

>
> like this:
>
> page 1: submit to page 2
> page 2: header('Location: /page 3');
> page 3: the final page
>
> if the user clicks back he is going to end up on page 2 which has
> location redirect to page 3. True?
Nope, this ain't true: if he goes back, he'll land on page 1.
>
> -Xander

11/09/2007, 19h48

On 9/11/07, NOSPAM plz <bla> wrote:
> I think you have to put the exit(); function in the code to prevent hacks.
>
> if($_SESSION['already_submitted'] == True) {
> header("Location: page2.php");
> *exit();*
> }

Good call. I forgot to type that in there, but you're right. ;-)

--
Daniel P. Brown
[office] (570-) 587-7080 Ext. 272
[mobile] (570-) 766-8107

Give a man a fish, he'll eat for a day. Then you'll find out he was
allergic and is hospitalized. See? No good deed goes unpunished....

11/09/2007, 09h40	#1
Stut Messages: n/a Hébergeur:	Re: [PHP] remove page referrer Shahrzad wrote: > I have 2 page ,when I go from first page to second page , I don't want the user can back to first page where it come from. is there any way to do this in php ? to remove or disactive $_SERVER["HTTP_REFERER"] in php? No, this is not something the server (where PHP lives) can control. Why do you think you need to do this? -Stut -- http://stut.net/

11/09/2007, 10h05	#2
Aleksandar Vojnovic Messages: n/a Hébergeur:	Re: [PHP] remove page referrer You can not control this, but you might be able to control the page where the user is going back through the third page like this: page 1: submit to page 2 page 2: header('Location: /page 3'); page 3: the final page if the user clicks back he is going to end up on page 2 which has location redirect to page 3. True? -Xander Stut wrote: > Shahrzad wrote: >> I have 2 page ,when I go from first page to second page , I don't >> want the user can back to first page where it come from. is there any >> way to do this in php ? to remove or disactive >> $_SERVER["HTTP_REFERER"] in php? > > No, this is not something the server (where PHP lives) can control. > > Why do you think you need to do this? > > -Stut >

11/09/2007, 10h54	#3
Stut Messages: n/a Hébergeur:	Re: [PHP] remove page referrer Please include the list when replying. Shahrzad wrote: > Mercyyy Stut for your reply, No problem. > For the reason of sessions ,,,, I want no one can back to previous > page,if somebody temptates to do that, either this error occur : > "HTTP/1.0 404 Not Found" or that page reload again . > Can I do this with javaScript or something else? There are some nasty evil hacks that can achieve this, but you really don't want to. There are two possible solutions to your problem... 1) Write your code in such a way that it doesn't matter if someone goes back to a previous page and resubmits it. 2) Use the session to keep track of what page the user is on. That way if they do hit the back button you can tell them they've not allowed to do that and provide a link to the page they should be one. The first option is the best because the second is very poor UI design. Is there a reason why the user cannot go back to a previous page? What is technically stopping you handling that situation? -Stut -- http://stut.net/

11/09/2007, 14h45	#4
brian Messages: n/a Hébergeur:	Re: [PHP] remove page referrer Shahrzad wrote: > Hi all, I have 2 page ,when I go from first page to second page , I > don't want the user can back to first page where it come from. is > there any way to do this in php ? to remove or disactive > $_SERVER["HTTP_REFERER"] in php? > Shahrzad, i'm assuming that you want to do this to protect against duplicate form submissions. If that's the case, this article may be of some use: Redirect after POST http://www.theserverside.com/tt/arti...irectAfterPost brian

11/09/2007, 14h52	#5
Daniel Brown Messages: n/a Hébergeur:	Re: [PHP] remove page referrer On 9/11/07, Stut <stuttle@gmail.com> wrote: > Please include the list when replying. > > Shahrzad wrote: > > Mercyyy Stut for your reply, > > No problem. > > > For the reason of sessions ,,,, I want no one can back to previous > > page,if somebody temptates to do that, either this error occur : > > "HTTP/1.0 404 Not Found" or that page reload again . > > Can I do this with javaScript or something else? > > There are some nasty evil hacks that can achieve this, but you really > don't want to. > > There are two possible solutions to your problem... > > 1) Write your code in such a way that it doesn't matter if someone goes > back to a previous page and resubmits it. > > 2) Use the session to keep track of what page the user is on. That way > if they do hit the back button you can tell them they've not allowed to > do that and provide a link to the page they should be one. > > The first option is the best because the second is very poor UI design. > > Is there a reason why the user cannot go back to a previous page? What > is technically stopping you handling that situation? > > -Stut > > -- > http://stut.net/ > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > What about the following? L> page1.php <? session_start(); if($_SESSION['already_submitted'] == True) { header("Location: page2.php"); } // Continue with your existing code from the first page. ?> L> page2.php <? session_start(); $_SESSION['already_visited'] = True; // Set this now. // Continue with the rest of your code from the second page. ?> For as long as that session remains active, any time the user attempts to reload that page, they'll be forwarded to a page of your choice (in this case, page2.php). If you absolutely want a 404 error, you can either spoof one or legitimately create one --- by forwarding them to a page that does not and will not ever exist on your server. Not a very elegant solution, but it will work. -- Daniel P. Brown [office] (570-) 587-7080 Ext. 272 [mobile] (570-) 766-8107 Give a man a fish, he'll eat for a day. Then you'll find out he was allergic and is hospitalized. See? No good deed goes unpunished....

11/09/2007, 16h26	#6
tedd Messages: n/a Hébergeur:	Re: [PHP] remove page referrer At 10:04 AM +0430 9/12/07, Shahrzad wrote: >Hi all, >I have 2 page ,when I go from first page to second page , I don't >want the user can back to first page where it come from. is there >any way to do this in php ? to remove or disactive >$_SERVER["HTTP_REFERER"] in php? > >Thanks Didn't someone recently ask this question? In any event, from what you described above, try this below. http://webbytedd.com/bb/one-time/ This uses sessions -- you cannot return to this page until you restart your browser. It's a simple session variable check. Cheers, tedd -- ------- http://sperling.com http://ancientstones.com http://earthstones.com

11/09/2007, 19h16	#7
Ludovic André Messages: n/a Hébergeur:	Re: [PHP] remove page referrer Hi, > You can not control this, but you might be able to control the page > where the user is going back through the third page > > like this: > > page 1: submit to page 2 > page 2: header('Location: /page 3'); > page 3: the final page > > if the user clicks back he is going to end up on page 2 which has > location redirect to page 3. True? Nope, this ain't true: if he goes back, he'll land on page 1. > > -Xander

11/09/2007, 19h48	#8
Daniel Brown Messages: n/a Hébergeur:	Re: [PHP] remove page referrer On 9/11/07, NOSPAM plz <bla> wrote: > I think you have to put the exit(); function in the code to prevent hacks. > > if($_SESSION['already_submitted'] == True) { > header("Location: page2.php"); > exit(); > } Good call. I forgot to type that in there, but you're right. ;-) -- Daniel P. Brown [office] (570-) 587-7080 Ext. 272 [mobile] (570-) 766-8107 Give a man a fish, he'll eat for a day. Then you'll find out he was allergic and is hospitalized. See? No good deed goes unpunished....

Outils de la discussion
Afficher une version imprimable Envoyer un lien vers cette page par email