开发者

Help with PHP if / else statement

问答 作者:

On my site, forms are brought in via AJAX and checked against a sessionid. I know this is not optimal, but it's working for us. If the referrer doesn't have the session ID they are redirected back to "anotherpage". I need to allow some outside URL's access the form directly. we set the sessionid on the page with the link to the form.

Here is what we have now on the form page:

<?php
$code = $_GET['sessionid'];
if(strcmp( $code , 'XXXXX'  ) != 0) {
    header("Location: http://www.domain.com/anotherpage.php");
} 
?>

I need to allow some outside domains direct access to the form page开发者_如何学JAVA and am having issues with this: (I'm putting it above the head tag on the form page)

<?php
    $code = $_GET['sessionid'];
    $referrer = $_SERVER['HTTP_REFERER'];

    if(strcmp( $code , 'XXXXX' ) !=0) {
        header("Location: http://www.domain.com/anotherpage.php");
    } else {
        if (preg_match("/site1.com/",$referrer)) {
            header('Location: http://www.domain.com/desiredpage.php');
        }
    }
?>

this still bounces me back to "anotherpage.php" any ideas?

********EDIT******* thx for the help, it works ad I requested. Now I see what I asked wasn't entirely correct. This appends the URL with =sessionid?=XXXXX. This isn't an issue on my site because I'm loading the content with .jquery .load so the URL doesn't change. I don't want the sessionid to be visible, and now it is. Can I either a) "trim" the url somehow or b) separate the two functions so they are exclusive?

if(strcmp( $code , 'XXXXX' ) !=0) {
    if (preg_match("/site1.com/",$referrer)) {
        header('Location: http://www.domain.com/desiredpage.php');
    } else {
        header("Location: http://www.domain.com/anotherpage.php");
    }
}

As I read your post, you want anyone from the preg_match to get the desired page regardless of sessionID status, so you don't want to test sessionID first.

Start the if block with the preg_match test.

Your first if is checking to see if they don't have the $code and redirecting them. This will always be the case. You should probably check the $referrer first and then do the $code check.

Try reverse if with else

<?php
    $code = $_GET['sessionid'];
    $referrer = $_SERVER['HTTP_REFERER'];
    if (preg_match("/site1.com/", $referrer)) {
        header('Location: http://www.domain.com/desiredpage.php');
    } else if (strcmp( $code , 'XXXXX' ) != 0) {
        header("Location: http://www.domain.com/anotherpage.php");
    }
?>

If I'm not misunderstanding this, the problem is in the order in which you are checking things.

If you want to allow some referrers to access the site even if they don't have the session id, you have to check for that before checking for the session id. Otherwise, they will end up being treated just like everyone else.

You can either switch the order of the conditions (first check for the referrer and then check fo the session id) or check for the referrer inside the branch in which you already know the session id is not valid.

The issue could be in your regex, it should be:

if (preg_match("/site1\.com/",$referrer))

notice escaping the dot (.)

继续阅读:logicphpreferrer

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9