HTML: Request - Response Redirection

Question

Lets say I have a website www.mySite.com and there are a lot of pages whose links are www.mySite.com\contact.php and www.mySite.com\about.php.

What if I want that when someone enters a direct link like www.mySite.com\about.php instead of opening that page it should go to a page myPolicy.php and then myPolicy.php may\may not refer the user to the requested page....

HOW to do IT

One method I thought is have a PHP page myPolicy.php and include\require it in beginning of every page so than I can decide weather to continue the requested page or redirect somewhere else or not....

Is that okay?

Is there a better way or some best practice for this kind of thingy?

Answer 1

if you don't need much security you could just do:

if(empty($_SERVER['HTTP_REFERER']))
    redirect('myPolicy.php');

this $_SERVER['HTTP_REFERER'] can't be relied since it's provided by the browser and can be easily changed.

if you want assurance on that you will have to think of the better strategy. you could use a login system for example. you have to understand that for the server, a user clicking a link and a user requesting a url (writing it down) is just the same thing. you count on the browser info (like $_SERVER['HTTP_REFERER']) just for usability, not security.

Answer 2

You could require a cookie be present, redirect if it isn't, and set the cookie on the myPolicy page.

However, I would strongly advise against doing this. You will be making your site inaccessible to search engines, unusable on browsers that block cookies (or referrers, if you did it that way), uncacheable and hostile to deep-linking (which most sites would welcome).

This is not a commonly accepted practice and it is unlikely to make ‘terms of use’ any more legally binding.