Search options (Page 1 of 2)

Hello, it's me again...

I managed to do what I wanted but I still have a very little problem.

Connorhd proposed to put that code

$ip=$_SERVER['REMOTE_ADDR']; 
    if (@$_SERVER["HTTP_X_FORWARDED_FOR"]) 
        $ip=$_SERVER["HTTP_X_FORWARDED_FOR"]; 
    $sCookieValue=md5($_SERVER['HTTP_HOST'].$ip); 
    if (!isset($_COOKIE['DAlbum_Connection']) || 
         $_COOKIE['DAlbum_Connection']!=$sCookieValue) 
    { 
       // Check referrer. If referrer is our domain - 
        // allow access even if cookie is not set 
        if (isset($_SERVER['HTTP_REFERER'])) 
        { 
            $ref=parse_url($_SERVER['HTTP_REFERER']); 
            $sHost=basename($ref['host'] ); 
            if (isset($_SERVER['HTTP_HOST']) && 
                strcasecmp($_SERVER['HTTP_HOST'],$sHost)==0) 
                return; 
        } 
        exit("404 Not found"); 
    }

So people arrive on a page where is written "404 Not found"

I can change this to set a redirect link to my website with this

exit('<a href="http://www.mywebsite.com/index.php" target="_blank">mywebsite.com</a>') ;

But I don't know how to write a little sentence just before the link.

I'm able to put the link or to write a sentence, but not both together.

So can someone help me to change the "exit code" in order to have something like :

"You should go to my www.mywebsite.com prior to access to this page"

Thanks to all.

Ok, understood Connorhd. This is kind from you for your previous help.

Ok let's say what happens.

If I've never been on any page of my website, it works : I can't see any page of the forum, only a little text saying "404 Not found". (Maybe I could change this to sent people to the login page of the website. I'll see it later).

But, if people has only been on the login page of the website (even if they didn't logged in, only displayed the page), they can go on the register page of the forum.

And more over, even if I reboot the computer, user can still acces the register or login page of the forum.
Cookie is not destroyed.

Thanks Connorhd

If I put this code at the top (real top) of common.php, the code is displayed as is on the page...
If I put this code after <?php, I've a fatal error : "Call to undefined function: hdr() in /home/... etc.. on line 50

Line 50 : hdr("404 Not found");

I've certainly make a mistake

AAAARRRRGGGHHHH  !!!!!!!!

The code I've quoted above seems to do exactly what I want, without changing anything !!!!

I've been looking after this for days and days, and it was just in front of my face (or quite in front).

So, excuse me, I've to go : I'm just going to hang myself...

Thanks to all,

Lim

Edit : NO, sorry, I've made a mistake, it does not work as I want. Something must be changed to this code, but what, and how ???

... hum ... easily ?

DisableDirectLinking(); 

function DisableDirectLinking() 
{ 
    $ip=$_SERVER['REMOTE_ADDR']; 
    if (@$_SERVER["HTTP_X_FORWARDED_FOR"]) 
        $ip=$_SERVER["HTTP_X_FORWARDED_FOR"]; 
    $sCookieValue=md5($_SERVER['HTTP_HOST'].$ip); 

    if (stristr($_SERVER['PHP_SELF'],"photo.php")) 
    { 
        if (!isset($_COOKIE['DAlbum_Connection']) || 
             $_COOKIE['DAlbum_Connection']!=$sCookieValue) 
        { 
            // Check referrer. If referrer is our domain - 
            // allow access even if cookie is not set 
            if (isset($_SERVER['HTTP_REFERER'])) 
            { 
                $ref=parse_url($_SERVER['HTTP_REFERER']); 
                $sHost=basename($ref['host'] ); 
                if (isset($_SERVER['HTTP_HOST']) && 
                    strcasecmp($_SERVER['HTTP_HOST'],$sHost)==0) 
                    return; 
            } 
            hdr("404 Not found"); 
            exit(); 
        } 
    } 
    else 
    { 
        // Set cookie for one hour. 
        setcookie("DAlbum_Connection",$sCookieValue,time()+3600); 
    } 
}

Is there a place where I should change to the URL of the Forum, or is more difficult than that ?

Ok, thanks D9r. I'll see it

Yes.... well, well, well

I'll try to find how to do it...

And by the way, with this check, people won't be able to register if they don't have this DAlbum's cookie ?

Yes, but I don't want anybody to be able to register if they don't come directly from my website.
So this option is not exactly what I want.

It's why I wanted to change the .htaccess, which seems to be impossible, Connorhd says

You're right zc923. I thing Connorhd caught this point at the previous post

Is it difficult to create a two-places access system, but keeping my login page form ? (There's a login and password windows).

Ok, I may be a little paranoïd, LOL, but if you type www.mywebsite.com/forum/index.php or more directly, www.mywebsite.com/forum/register.com, you access to the register page which allows you to register then acces to the forum.

You will tell me that people must know how is organized the website/forum. You're right. What I wanted to do was just a - little bit more - secure access.

But it seems to be much more harder then I thought...

Yes, this is a nice idea, but as I told you, the website is make dynamicaly, has its own login page (which I wish to keep the look, but I don't know how works the login stuff), and I don't know anything about coding...

But, logging once to the website and to the forum at the same time would be great, but might be more difficult then just ingrate a referer inside the "Meta Refresh"... for who knows how coding a .htaccess

Because I don't want anybody to find the forum if they don't come through my website first.
You've just pointed the goal

If we find how to turn around the "Meta Refresh" problem, no it's not.
Just because there is already one group login/password for the website, there will be one file user/password for the forum, and there would be another group-or-user/password file...

If I could -easily- do one file for all, why not, but it might be not very simple as both website an forum are "php-automatic" made (don't remember the name...)