Posted by Rik on 01/12/07 16:20

Peter wrote:

Do not toppost.

> "ZeldorBlat" <zeldorblat@gmail.com> wrote in message
> news:1168286053.471679.19330@51g2000cwl.googlegroups.com...
>> Peter wrote:
>>> I want to see if a visitor followed a link on that particular
>>> website + page
>>> to my page, so that I can put up a text "link expired" or something
>>> :)
>>>
>>> How can I see this ?
>>> Suppose the forwarding site / page is: site.com/page.htm
>>> If somebody could give me a small example or lead the way to the
>>> commands needed for this ?

>> The best you can do is probably to use the value of
>> $_SERVER['HTTP_REFERER']. Don't consider it reliable though -- it's
>> up to the client to set it.

> Interesting !
> Is it also possible to see the *complete* URL (subpages, even
> parameters etc.)
> E.g. if the person comes from
> www.site.com/subdir/pagex.php?var1=1&var2=2 Can I see this complete
> URL then (*if* the client has set it I suppose ?)

If it is set, it's usually including the GET parameters.

> PS. what is mean with the client ?
> Is that the remote site the person is coming from ?

Nope, it's the browser/firewall/possible proxy combo (and maybe others).
It's up to the user to set it, most browsers default to sending it.

As it is set by the user it's highly unreliable. Never use it for any type
of security purposes, as they're easily faked. To keep hits on a page down
that has been linked can work for dicourage most people. Would the
copy/paste the url in their adress bar they'd see your site again as the
refere header usually is not set in that case.

You can use this in PHP, I normally put it straight in the apache
directives using mod_rewrite:

RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} ^http://www.example.com/evil/.*$ [NC]
RewriteRule ^.*?$ /piss_off.html

Or in a more humerous mood you can even set the a forward to some weird
sites...
--
Rik Wasmus

[Back to original message]