Member Avatar for genieuk

Hi,

Hoping someone can help me. I done a search on Google but must not be using correct search term as cannot find anything.

Basically how can i make sure a page is only accessed via a certain link?

I have a page that user clicks on that opens a poup window asking to enter captcha code, once entered and if ok it redirects them to a page with the links to the .zip files.

Thing is i need the page with the links to zip files only accessed by going via the re captcha first. So basically if they not done the recaptcha and accessed page directly it will redirect them to the captcha page.

I am using re-captcha from recaptcha.net

Thanks as always
Mathew

  • 2 Contributors
  • 1 Reply
  • 89 Views
  • 8 Hours Discussion Span
  • Latest Post Latest Post by diafol
Member Avatar for diafol

You can use a simple $_SERVER check. However, this could be forged. A secondary check could be put into a hidden input. The hidden input value could be made from a salt (a secret string) + http_referer + timestamp which is then encrypted.

Your form handler can then check the http_referer, bounce the user back to the previous page if not valid.
If valid, your form handler could then get hold of the $_POST variable holding the hidden value and decrypt it. It should then cutoff the secret string, http_referer and datestamp.
Checks should verify the salt and http_referer. The datestamp can then be checked against the current datestamp. If say more than 5 minutes have expired, bounce them with a message saying so.

I'm sure other users have better methods, but the above is relatively low tech. Sorry ain't got time to write the code for you.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.