tags:

views:

893

answers:

6
Q: 

php/html - http_referer

Hi

I am creating a website and on one particular page, am wanting to send the user back to the previous page. I am fairly new to PHP/HTML and have been using some existing code for ideas and help.

The existing code uses the following method:

if (! empty($HTTP_REFERER)) 
{
    header("Location: $HTTP_REFERER");
} else 
{
    header("Location: $CFG->wwwroot");
}

However, when I use this code the HTTP_referer is always treated as empty and the user redirected to the root page. Any obvious flaws in this code?

+8  A: 

You need to use:

$_SERVER['HTTP_REFERER']
jonstjohn  2009-03-03 12:58:40
A: 

Also note that the referer header might be empty or missing anyway, so you shouldn't rely on it at all..

kkyy  2009-03-03 13:03:42
+7  A: 

Don't rely on the HTTP Referrer being a valid or even non-empty field. People can choose to not have this set leaving any checks for that variable going to the empty side of the IF-ELSE clause.

You can guard against this by sending along a parameter in either the URL or POST parameters that would hold a value that you can use to redirect the user back to.

random  2009-03-03 13:03:59
+1. Referrers are inherently unreliable. Use a parameter to direct the user where you want them to go after the form.
bobince  2009-03-03 13:21:21
A: 

You should use 

$_SERVER['HTTP_REFERER']

However look at the register_globals configuration in php.ini, it should be turned off due to security reasons. You can read more on PHP Manual site.

michal kralik  2009-03-03 13:07:59
A: 

If you wanted to send the person back to the previous page and have it work regardless of the referrer being set correctly, you can append a GET parameter to the URL (or POST).. you will need to encode the URL.. Something like

http://www.domain.com.au/script.php?return=http%3a%2f%2fwww.domain.com.au%2fthis-is-where-i-was%2f

You can use PHP's urlencode() function. Also use strip_tags() to for security if you're going to echo it elsewhere to the page.

alex  2009-03-03 13:08:01
+1  A: 

isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';

 2009-08-18 10:57:50

related questions

Autosizing Textarea
Regular expression for parsing links from a webpage?
What are good tools for creating compiled HTML help files (.chm)?
Looking for WYSIWYG HTML editor
Any reason not to start using the HTML 5 doctype?
HTML comments break down
HTML Comments Markup
Setting a div's height in HTML with CSS
Wrapping lists into columns
Is a "Confirm Email" input good practice when user changes email address?
<XMP> Tag
HTML version choice
Options for HTML scraping?
How do you disable browser Autocomplete on web form field / input tag?
How do I make a checkbox toggle from clicking on the text label as well?
Html CSS Editor
Wordpress theme development offline tools
How do I give my web sites an icon for iPhone?
In HTML, how to word-break on a dash?
Detecting font in JavaScript
How do you test layout design across multiple browsers/OSs?
How do I print an HTML document from a web service?
Multiple submit buttons on a HTML form
How can I determine a web user's time zone?
Why doesn't the percentage width child in absolutely positioned parent work in IE7?