tags:

views:

68

answers:

2
+1  Q: 

How to know the URL referrer in PHP?

I am new to integrating paypal with sites so maybe there's a readily available method from the service I could use? What I am trying to do is when the user clicks "return to my website", I want my return URL to know that the referrer is paypal so I can send him to the homepage automatically. How do I go about this? I tried $_SERVER['HTTP_REFERER'] but it doesn't seem to catch anything. I also set the cookie and session(though I am not sure if I made it right or it's the right thing to do) during IPN conversation, but when returning to my website, it doesn't seem to recognize any session. If I get away with this using $_SERVER['HTTP_REFERER'], I am afraid it is a security risk, right? If so, is there any other method I am missing? Help pls...

+1  A: 

Do you really need to know the referer? Set the PayPal return URL to a "secret" URL that always redirects to the homepage. If somebody ends up there and gets redirected without coming from PayPal, so what? It shouldn't be a problem.

Also, I haven't used PayPal, but I'd imagine any IPN notification will come as a request directly from PayPal's servers, not the user, so setting any cookies or sessions won't do you much good.

Matti Virkkunen  2010-08-02 17:47:28
The homepage is a restricted area. Only registered users are allowed to enter. The scenario here happens after the user pays the subscription, so any server communication is absent.
adred  2010-08-02 18:07:12
A: 

You can add a new hidden field with any custom value, that will be posted back to you. You could use that field for whatever you want. You should name that field custom.

Paypal will return back that field and once you see that you should be sure it has come from paypal.

Sarfraz  2010-08-02 17:49:54
Yah, I have set up similar to that when verifying the existence of the user trying to subscribe. But the communication between my handler and IPN happens in the background right before the "return" is clicked. So, nothing actually happens after that because the click-button event doesn't involve IPN right?
adred  2010-08-02 18:12:04

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases