tags:

views:

52

answers:

4
+2  Q: 

Php referrer works or not?

I need to know the referring server for a page on my site.

Is there any safe method to check where the user "came" to the page FROM?

I tried uploading this to my server, but this wont output anything at all when I write the adress to the file in the browsers adress bar:

    <?php echo $_SERVER['HTTP_REFERER']; ?>

I need to check this in order to display a link on the page or not...

Thanks

+1  A: 

I tried uploading this to my server, but this wont output anything at all when I write the adress to the file in the browsers adress bar:

That's because there's no referrer in that situation - you typed it into the browser address bar.

ceejayoz  2010-06-09 16:47:19
+3  A: 

Try using $_SERVER['HTTP_REFERER']. Notice that it is 'HTTP_REFERER', NOT, as one would expect, 'HTTP_REFERRER'

Also, please note the documentation on this variable:

The address of the page (if any) which referred the user agent to the current page. This is set by the user agent. Not all user agents will set this, and some provide the ability to modify HTTP_REFERER as a feature. In short, it cannot really be trusted.

In addition, ceejayoz is correct in noting that if you go directly to a page and don't follow a link there, most browsers will not set a referrer.

thetaiko  2010-06-09 16:47:58
:( You ninja'ed me! >.> <.< +1
pinkgothic  2010-06-09 16:49:59
+3  A: 

Two things:

It should be $_SERVER['HTTP_REFERER'] (note first single R). Case of immortalised typo, but that's how it looks. :)

Secondly, an http-referer is only sent if you reach the page by clicking the link. Typing the link into the address bar circumvents it.

But to answer your actual question, there are several people who have their browser set so no referer is ever sent, meaning that there is no reliable way to determine even link-ins, unfortunately. (Not to mention the data can be tampered with, since it's sent by the client.)

pinkgothic  2010-06-09 16:49:28
+5  A: 

Is there any safe method to check where the user "came" to the page FROM?

Not really. Like all HTTP headers, this can easily be modified. Additionally, a browser could also choose never to send a referrer.

$_SERVER['HTTP_REFERER']; will work when a browser does send a referrer, but there's no way to validate that it's true.

I tried uploading this to my server, but this wont output anything at all when I write the adress to the file in the browsers adress bar

In this case a browser would not send a referrer because you didn't come FROM anywhere.

Matt  2010-06-09 16:49:41

related questions

Autosizing Textarea
Regular expression for parsing links from a webpage?
What are good tools for creating compiled HTML help files (.chm)?
Looking for WYSIWYG HTML editor
Any reason not to start using the HTML 5 doctype?
HTML comments break down
HTML Comments Markup
Setting a div's height in HTML with CSS
Wrapping lists into columns
Is a "Confirm Email" input good practice when user changes email address?
<XMP> Tag
HTML version choice
Options for HTML scraping?
How do you disable browser Autocomplete on web form field / input tag?
How do I make a checkbox toggle from clicking on the text label as well?
Html CSS Editor
Wordpress theme development offline tools
How do I give my web sites an icon for iPhone?
In HTML, how to word-break on a dash?
Detecting font in JavaScript
How do you test layout design across multiple browsers/OSs?
How do I print an HTML document from a web service?
Multiple submit buttons on a HTML form
How can I determine a web user's time zone?
Why doesn't the percentage width child in absolutely positioned parent work in IE7?