I was wondering if it is possible to execute a script depending on the referrer site. for example if a user accesses my site from Facebook then i want the script to be activated, but if the user accessed the site through google search then the script will not be ran. Is this possible?
You should be able to test $_SERVER['HTTP_REFERER'] to see if the user came from facebook and behave differently.
Do you mean a server-side or client-side script?
From the client side you can access the referrer through document.referrer (yes, with a doubled ‘r’, even though the corresponding HTTP header is mis-spelled). eg.:
if (document.referrer.toLowerCase().indexOf('//www.example.com')) {
document.getElementById('message').innerHTML= 'Hello, visitor from example.com';
}
It's possible. Just bear in mind that the referer can be spoofed, so you should never do security relevant things based on its value.
I would do something like this:
if (array_key_exists('HTTP_REFERER', $_SERVER) === true)
{
// this will give you something like google.com or facebook.com
$domain = str_ireplace('www.', '', parse_url($_SERVER['HTTP_REFERER'], 'PHP_URL_HOST'));
// check if there is any referer script you want to execute
if (is_file('path/to/scripts/' . $domain . '.php') === true)
{
// include the path/to/scripts/google.com.php for instance
include('path/to/scripts/' . $domain . '.php');
}
}
Related
At the moment I am testing an idea. What I want to do is display extra content on a webpage if the person visiting comes from a designated location.
I was able to make the code work using 'HTTP_REFERER' – Though this only works from websites and in this instance I want to detect whether the browser / person came from an Intranet which is behind a proxy server that is stripping out any referrer information.
Below is my current code.
I am searching for a viable option / equivalent.
Any thoughts would be very much appreciated.
<?php
$content = "hello world";
$referrer = $_SERVER['HTTP_REFERER'];
$explodestring = explode('/',$referrer);
$explodestring = $explodestring['2'];
if ($explodestring == "www.domain.com") {
echo $content;
}
?>
You can find that in $_SERVER['X-Forwarded-For'].
I've written some simple code in PHP which save slug from my 301 redirect URL so I know how many visitors come from that advertisement. However, it's not working when user comes from 301/307.
Example: if user comes from 301 redirect url example.com/example to redirect url to example.com/example1 now in example1 page not showing referral from this link example.com/example:
$url = example.com/example;
$data = "$url";
$j=0;
foreach (count_chars($data, 1) as $i => $val) {
$j=$j+$val;
}
$result = substr(isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '',$j);
echo $result;
Hope this makes sense.
Dont rely on $_SERVER['HTTP_REFERER'] it is purely optional for a browser to send it, and some security software blocks it in requests. Read more here
Thats a normal problem of Referer Tracking. You should use other methodes to track ads.
The most used option are Get Parameters (offer.php?ref=sitexy)
How do I create a PHP script that will redirect to a custom URL when link added in the URL. For instance, when a user visits this:
http://mydomain.com/link.php?=http://www.google.com
It should redirect them instantly to google.
Ideally, is it possible to ensure that the click itself came locally?
I am aware that this is most likely a very basic PHP code but note that my knowledge of it is very limited which is restricting me from writing it.
You can use the HTTP_REFERER of $_SERVER variable to check whether it is from the local domain.
Reference: http://php.net/manual/en/reserved.variables.server.php
For redirection, try using the below
http://mydomain.com/link.php?r=http://www.google.com
header("Location:".$_GET['r']);
Reference: http://in3.php.net/manual/en/function.header.php
I hope the following works for you, you can hard code the $domain variable as mydomain.com
$url = "http://www.php.net/index.html";
$domain = str_ireplace('www.', '', parse_url($url, PHP_URL_HOST));
$refDomain = str_ireplace('www.', '', parse_url($_SERVER["HTTP_REFERER"], PHP_URL_HOST));
if(strcmp($domain, $refDomain) == 0)
{
//your code goes here
header("Location:".$_GET['r']);
}
http://mydomain.com/link.php?url=http://www.google.com
<?php
header("Location: {$_GET['url']}");
?>
This?
Ok, I would like to add a complete answer here.
You could use header to send a redirect header like MrSil said,
header("Location: $url"); // will redirect to $url!
If you want to prevent other people from using your redirect script, you can do something like:
$ref = $_SERVER['HTTP_REFERER'];
$host = parse_url($ref, PHP_URL_HOST);
if($host !== "mydomain.com"){
// out side request
}
But then, HTTP_REFERER can be easily spoofed. So, what would be a better check?
CSRF Protection. It might look like overkill, and it is also not the perfect way to do this stuff, but it helps.
Also, I don't think a perfect solution exists.
Read this for further info about CSRF.
I want to make a count of visits to my website from referal websites. I know there are many programs such as Google analytics but there will show you that my taffic is coming from www.facebook.com for example. I want to check if the traffic is coming from some specific urls that I specify such as www.facebook.com/myfanpage.
Befor I think about php I tried several methods with javascript that they did not seem to function the way I wanted to. For my search for php I only found this function. Any Ideas ?
$_SERVER['HTTP_REFERER']
$_SERVER['HTTP_REFERER'] Will do exactly what you need.
if (strstr($_SERVER['HTTP_REFERER'], 'facebook.com') !== false) {
// Facebook brought me to this page.
}
elseif (strstr($_SERVER['HTTP_REFERER'], 'google.com') !== false ) {
// Google brought me to this page.
}
Sorry, I know this is 6 months late but surely if the url was http://mydomain.com/?p=facebook.com then this would also be true? a better way would be to explode the referrers url based on / then extract the 4th section i.e.
$refererUrl = $_SERVER['HTTP_REFERER'];
$Exploded_URL = explode("/",$refererUrl);
$urlToCheck = $Exploded_URL[3].'.'.$Exploded_URL[4];
if($urlToCheck == 'facebook.com'){
/* From Facebook */
} elseif ($urlToCheck == 'google.com'){
/* From Google */
}
$_SERVER['HTTP_REFERER'] should contain the URL that the user is coming from to get to your page. It's not a function. It's simply a value. So you can use it for this purpose.
Do note, however, that the value is easily spoofed. (It's taken from the HTTP request header, and the user can send whatever they want.) It should be acceptably reliable if you're just collecting stats for your own interest or whatever. But if you're trying to use it to secure the page (e.g., only show certain content if the visitor came from a certain URL), forget it.
You will be able to check only if the HTTP Request has referer which is actually accessible in PHP using HTTP_REFERER. So its solely responsible from the referring website.
Get original URL referer with PHP?
The above post also will help you.
Is there a simple script that would only allow visitors if they originate from a website of my choice?
Checking the referrer is the most reliable way to accomplish this, but you should be aware that not all user agents (aka browsers) send a complete or correct referrer.
Something like this:
$target_site = 'http://www.google.com';
if (isset($_SERVER['HTTP_REFERER']) && preg_match("/$target_site/",$_SERVER['HTTP_REFERER'])) {
// do something with people from google.com
} else {
// do something else with everyone else
}
Read more about it: http://www.electrictoolbox.com/php-http-referer-variable/
PHP manual on $_SERVER superglobal: http://php.net/manual/en/reserved.variables.server.php
You can use the $_SERVER['http_referer'] but that can be easily faked.
If you get their referrer information you could check it against a list of accepted website origins and redirect them back to the site they came from if you don't want them.
$_SERVER["HTTP_REFERER"]