|
|
Posted by Jerry Stuckle on 06/01/07 15:51
e_matthes@hotmail.com wrote:
> Hello,
>
> I keep reading that $_SERVER['HTTP_REFERER'] can easily be faked. Is
> that true of all server variables, or just some of them? In
> particular, I'm wondering if server_port can be faked.
>
> I'm interested right now because I want to detect whether the current
> page request is using http or https. I realize there are other ways
> to ensure the correct delivery of pages over https using directory
> management and htaccess, but I also want to understand the server
> variables better.
>
No, the port can't be faked. It's not sent by the browser.
You can also check $_SERVER['HTTPS']. It's either set to 'on' if the
user is using https, or empty if he's not.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================
Navigation:
[Reply to this message]
|