This question already has an answer here:
Im Kinda A Noob With PHP,
I want to keep my page accessible only from a link
etc. I only want to allow people who clicked a link to my page from example.com
and others like from google.com to redirect to another page on my site etc. a error message
How Could I Do This?
</div>
分享 
if(isset($_SERVER['HTTP_REFERER']))
$referer_host = parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST);
else
$referer_host = '';
if($referer_host != 'example.com')
{
header('Location: http://example.com/error');
exit;
}
People not sending (correct) referers for various reasons will be entirely excluded from your page.
Of course bookmarking your site etc. will also not work.
As headers can be faked by the client at will, I would not call this a "security" feature.
分享
