How to use $_SERVER[‘HTTP_REFERER’] correctly in php?

I wouldn’t recommend using HTTP_REFERER:

  1. It’s fairly simple to manipulable in browser.
  2. Some users might have security settings in their browser to not send this header at all.
  3. It’s not accessible over HTTPS.
  4. Some proxies strip this header from the request
  5. Added – See answer to this quesion

As Charlotte Dunois stated in the comment, better set session value before sending the form and then check it on page2.

page1.php:

$_SESSION[ 'display_page2' ] = TRUE;
//rest of the content

page2.php:

if ( (isset( $_SESSION[ 'display_page2' ] ) && $_SESSION[ 'display_page2' ] === TRUE ) || isset( $_POST[ 'some_form_input' ] ) ) {
  //keep displaying page2.php
} else {
  header('Location:page1.php');
  exit;
}

With isset( $_POST[ 'some_form_input' ] ), you can check whether the form has been sent (via POST method).

When needed, you can unset the session with unset( $_SESSION[ 'display_page2' ] ); or by setting it to different value.

Related Posts:

  1. How do I make a redirect in PHP?
  2. PHP page redirect
  3. Page redirect after certain time PHP
  4. Determining Referer in PHP
  5. Visual list of all installed fonts with respective pangram phrase?
  6. How to log in to phpMyAdmin with WAMP, what is the username and password?
  7. count() parameter must be an array or an object that implements countable in laravel
  8. Fatal error: Call to undefined function mysql_connect()
  9. Mysql query- How to use contains?
  10. what does PHP die() return
  11. Invalid column count in CSV input on line 1 Error
  12. how to replace quotation marks with \”
  13. mcrypt is deprecated, what is the alternative?
  14. How to echo or print an array in PHP?
  15. How to parse a CSV file using PHP
  16. Cannot use object of type stdClass as array?
  17. Resize image in PHP
  18. How to replace “if” statement with a ternary operator ( ? : )?
  19. why use 0xffff over 65535
  20. .rar, .zip files MIME Type
  21. PDO bindParam() with prepared statement isn’t working
  22. HTML Element Array, name=”something[]” or name=”something”?
  23. Why use $_SERVER[‘PHP_SELF’] instead of “”
  24. Setting up a PHP interpreter in PhpStorm
  25. PHP: $_SERVER variables: $_SERVER[‘HTTP_HOST’] vs $_SERVER[‘SERVER_NAME’]
  26. Illegal string offset Warning PHP
  27. mysqli_real_connect(): (HY000/2002): No such file or directory
  28. Fatal error: Call to undefined function mysqli_connect()
  29. Deleting an element from an array in PHP
  30. Converting string to Date and DateTime
  31. Could not open input file: artisan
  32. Why php tag is not working in html file?
  33. What’s the use of ob_start() in php?
  34. PHP: variables in strings without concatenation
  35. PHP mail not working for some reason
  36. Get Root Directory Path of a PHP project
  37. How to reformat date in PHP?
  38. Returning JSON from PHP to JavaScript?
  39. Cannot simply use PostgreSQL table name (“relation does not exist”)
  40. How to create cron job using PHP?
  41. Imploding an associative array in PHP
  42. curl POST format for CURLOPT_POSTFIELDS
  43. Can’t use method return value in write context
  44. PHP get domain name
  45. How to solve “Fatal error: Class ‘MySQLi’ not found”?
  46. Running a Python script from PHP
  47. Object of class DateTime could not be converted to string
  48. HTTP Error 411, The request must be chunked or have a content length
  49. mysqli::query(): Couldn’t fetch mysqli
  50. Fatal error: Call to undefined function sqlsrv_connect()
  51. NotFoundHttpException in RouteCollection.php line 161: in laravel 5
  52. Easy way to password-protect php page
  53. Html encode in PHP
  54. file_put_contents: Failed to open stream, no such file or directory
  55. PHP $_POST not working?
  56. PHP cURL HTTP PUT
  57. Convert timestamp to readable date/time PHP
  58. PHP sessions that have already been started
  59. Contact Form 7 – Custom Validation
  60. How to output JavaScript with PHP
  61. file_get_contents( ) not working
  62. WRONGTYPE Operation against a key holding the wrong kind of value php
  63. What is the advantage of using try {} catch {} versus if {} else {}
  64. Check if URL has certain string with PHP
  65. Subtracting days, months or years from date using php
  66. Laravel – Model Class not found
  67. Fatal error: Call to a member function fetch_assoc() on a non-object
  68. Strict Standards: Only variables should be assigned by reference PHP 5.4
  69. mysqlworkbench giving version error on exporting database
  70. Steam Market API?
  71. PHP array delete by value (not key)
  72. PHP mail: Multiple recipients?
  73. Returning JSON from a PHP Script
  74. Paypal IPN Verification Postback with HTTPS
  75. How to force Laravel Project to use HTTPS for all routes?
  76. The difference between \n and
    in php
  77. PHP Warning: PHP Startup: Unable to load dynamic library
  78. Do I need a !DOCTYPE declaration in a php file with html?
  79. How get value from URL
  80. How can I parse a JSON file with PHP? [duplicate]
  81. Object of class stdClass could not be converted to string
  82. How to get URL of current page in PHP
  83. WordPress visual composer not loading
  84. What does “zend_mm_heap corrupted” mean
  85. Start and stop a timer PHP
  86. PHP variables don’t evaluate in the query [duplicate]
  87. Adding days to $Date in PHP
  88. Cant login to wp-admin (redirecting to homepage), But CAN login to wp-login.php
  89. Cant login to wp-admin (redirecting to homepage), But CAN login to wp-login.php
  90. How to turn off redirection from ‘domain.com/login’ to ‘domain.com/wp-login.php’
  91. How to redirect all pages of a custom post type [duplicate]
  92. How to redirect Old Post URL to new Post and keep Old post Comments?
  93. 3 blogs same installation, without WP MU
  94. Redirect undesirable domain
  95. WordPress redirect redirecting too many times or not at all
  96. I am receiving a pluggable.php warning sign on my only http:// page
  97. Redirect User when they click Menu Option
  98. Override 404 when navigating to single php file
  99. Submitting my form to the database and then redirecting to payment site
  100. Link to external page has wordpress blog-url inside

Leave a Comment