Which domain called the script?

I开发者_如何学Python have some scripts that really need to be secured. So I was thinking, is there a way to find out which domain called the script?

Look through the $_SERVER variable and you will see all the information you need.

$_SERVER['SERVER_ADDR'] and $_SERVER['SERVER_NAME'] may be of use to you.

$_SERVER['HTTP_HOST'] will have the domain name.

There are probably a lot of ways to do this.. But I would setup logging in the script and report back with

$_SERVER['HTTP_HOST'] 

And here is a helpful page for more information..

http://www.php.net/manual/en/reserved.variables.server.php

Wikipedia lists a number of defences against cross site request forgery attacks.

$_SERVER['SERVER_NAME'] will contain the host or virtual host under which the script is running.

$_SERVER['HTTP_HOST'] contains the contents of the Host: header from the current request, if there is one.

Please see Chris Shiflett's extended explanation for a detailed comparison of the two.