define and defined for disallow direct access

I have two page: rooms.php and reservation.php User can only access to reservation.php via rooms.php I have used define('NOT',1); and if (!defined('NOT')) exit('no direct!'); But when user goes from rooms.php to reservation.php there is开发者_C百科 error message? Why define function not working? Thanks in advance

You may have a misunderstanding here: This method works only when rooms.php includes reservation.php using include() or require(). It does not work for, say, referers.

Is that what you are doing? In that case, your code looks correct. rooms.php needs to contain

define('NOT', 1);

before the line where reservation.php is included; but that should work.

Assuming you are calling rooms.php first and go to reservation.php via a link:

The constant will be lost after you access the other page. You should store the value in a session:

session_start();
$_SESSION['NOT'] = 1;

A PHP file a script that gets executed every time you call it. But that also means that all variables, constants are lost after the script was executed. But sessions are for preserving data through multiple page calls.

in your rooms.php add the following code before the inclusion of reservation.php

define('FROM_ROOM',true);

Within Reservation.php at the very top add

if(!defined('FROM_ROOM')){ exit("Please go away");}

So it looks like this

rooms.php: define('FROM_ROOM',true); include 'reservation.php';

reservation.php:

if(!defined('FROM_ROOM')){ exit("Please go away");}
echo "Im reservation.php, i only can be include by rooms.php";

you don't need constants you need session variables or to check the HTTP referrer; constants will only work if you are including reservation.php and you're not, you're simply stipulating that the user should have seen rooms.php before seeing reservation.php