| Posted By |
Discussion Topic: CGI.HTTP_REFERER
|
|
timbono1 |
04-09-2004 @ 8:01 AM |
|
|
Junior Member
Posts: 57
Joined: Feb 2004
|
Hi all,
I am trying to impose control over the navigation of users within my site using CGI.HTTP_REFERER.
I am trying to impose a rule where the site pages can only be accessed from the previous page preventing users from typing in a single address.
Currently I have:
<cfif (CGI.HTTP_REFERER IS NOT "index.cfm")>
<cflocation url="index.cfm" addtoken="no">
</cfif>
This works to a certain extent but when trying to access from index.cfm, the page simply refreshes and doesnt permit access to the next page!
Any suggestions would be very much appreciated!
Many thanks,
timbono1
|
|
Webmaster |
|
04-09-2004 @ 10:05 AM |
|
|
Administrator
Posts: 4533
Joined: Jan 2002
|
The problem with attempting something like this is that many people use products that allow them to surf the web "ANNONYMOUSLY" which means that CGI.HTTP_REFERER will NEVER Exist. It gets cleared by those kind of products on each page call...
So your site will NOT be usable to that type of user... Which is NOT Good!
THe best thing you can do IMO is to setup a variable (Session or cookie or client) that is loaded on the index.cfm page and then carried on all the other pages...
Then if that variable doesnt exist you can kick them back to the index page.
Follow?
Thanks,
Pablo Varando
Team Macromedia Member
=====================================================
|
|
timbono1 |
|
04-09-2004 @ 10:20 AM |
|
|
Junior Member
Posts: 57
Joined: Feb 2004
|
Hi,
Ummm...im not sure!
I have session variables through the site, and from what you have suggested, it would be best checking whether they have values or not, if not then redirect them to the right page?
Is that right?
What are these products that you mention? Im confused by that! Im also confused as to why checking using my code works by directly typing the URL (the point of the code) but not when I actually navigate to that page from index.cfm.
Does that make sense?
Many thanks for your advice Pablo,
timbono1
|
|
CJ |
|
04-09-2004 @ 10:39 AM |
|
|
Administrator
Posts: 4262
Joined: Oct 2002
|
CGI.http_referer returns more than just the template name (more than just 'index.cfm'.
on the page that currently has the conditional, try this:
<cfoutput>#cgi.http_referer#</cfoutput> and see what you get. this way you know exactly what to check for. I think it's not going to be what you think it was 
also, remember that if the user has a page bookmarked, there is no CGI.http_referer variables. Likewise, if you type the URL directly into the browser, there is no CGI.http_referer variable. So these things are going to have to be taken into consideration.
-CJ-
@ #coldfusion/DALNet
http://charlie.griefer.com
|
|
timbono1 |
|
04-09-2004 @ 10:50 AM |
|
|
Junior Member
Posts: 57
Joined: Feb 2004
|
Ahhhh I see!
Im with you now. Ok thanks for that CJ!
I think that checking for the session variables will be the best way to go, as I already have some validation that moves users if previous forms are null/empty. Its just a shame that I couldnt get this to be more personalised that they have entered the site from an illegal or unauthorised navgation!
Many thanks again,
Tim
This message was edited by timbono1 on 4-9-04 @ 10:51 AM
|
|
Webmaster |
|
04-09-2004 @ 1:30 PM |
|
|
Administrator
Posts: 4533
Joined: Jan 2002
|
I love it when a plan comes together 
Thanks,
Pablo Varando
Team Macromedia Member
=====================================================
|
