Anyone can send any referer (sic) header to your script. It shouldn't
be used for checking if someone is trying to hack the script, but it
should be find in your case.
rotsky wrote:
I've experimented using $_SERVER['HTTP_REFERER'] which seems to work here.
If the user enters valid login detail
As you are already using sessions, you can store the original page in a
session variable
rotsky wrote:
I have a small login form on the home page of my site. At the moment, when
people enter their user details and hit 'send', they go to another page
which check their details and, if they are suc
> But the manual says that HTTP_REFERER is unreliable, so I'm
> intrigued to know exactly what the problems are. Any ideas?
The HTTP_REFERER field is retrieved from the "HTTP Referer:" header as
used in the HTTP protocol. This field is set entirely by the client
browser / application retrieving t
I have a small login form on the home page of my site. At the moment, when
people enter their user details and hit 'send', they go to another page
which check their details and, if they are successful, prints a welcome
message. The problem is, they are now on this page and have to work their
way ba
4 matches
Mail list logo
