Anyone can send any referer (sic) header to your script. It shouldn't
be used for checking if someone is trying to hack the script, but it
should be find in your case.
rotsky wrote:
I've experimented using $_SERVER['HTTP_REFERER'] which seems to work here.
If the user enters valid login detail
As you are already using sessions, you can store the original page in a
session variable
rotsky wrote:
I have a small login form on the home page of my site. At the moment, when
people enter their user details and hit 'send', they go to another page
which check their details and, if they are suc
> But the manual says that HTTP_REFERER is unreliable, so I'm
> intrigued to know exactly what the problems are. Any ideas?
The HTTP_REFERER field is retrieved from the "HTTP Referer:" header as
used in the HTTP protocol. This field is set entirely by the client
browser / application retrieving t
3 matches
Mail list logo
