[Xerte-dev] Re: $_SERVER['HTTP_REFERER'] issue

Ron Mitchell ronm at mitchellmedia.co.uk
Thu Jan 26 13:19:03 GMT 2012


When you say it doesn't work in IE what do you mean?

I've just tested in IE 8 with a link to a restricted LO from my Moodle.
Clicking the link in moodle works, putting the link direct in a browser or
via email works in as far as it doesn't show the LO but gives an error.
Fatal error: Call to undefined function dont_show_template()

That said it's not the latest version so that error may have been fixed at
some point.

HTH

Ron

 

From: xerte-dev-bounces at lists.nottingham.ac.uk
[mailto:xerte-dev-bounces at lists.nottingham.ac.uk] On Behalf Of Julian Tenney
Sent: 26 January 2012 12:59
To: For Xerte technical developers
Subject: [Xerte-dev] $_SERVER['HTTP_REFERER'] issue

 

Anyone got any bright ideas: when you set access to other, you can specify a
domain to restrict access only to links being followed from that domain: so
you can have some sort of gatekeeping in any system the user has to log in
to, and then only allow access to links from that system.

 

This is the code, it uses $_SERVER['HTTP_REFERER'].

 

It doesn't work in IE. Cosmic.

 

Any alternative approaches without having to modify the linking system?

 

This is the code:

 

$test_string=substr($row_play['access_to_whom'],6,strlen($row_play['access_t
o_whom']));

 

if(strlen($_SERVER['HTTP_REFERER'])!=0){

 

       if(strpos($_SERVER['HTTP_REFERER'],$test_string)==0){

 

       mysql_query("UPDATE " . $xerte_toolkits_site->database_table_prefix .
"templatedetails SET number_of_uses=number_of_uses+1 WHERE template_id=" .
$safe_template_id);    

                                   

       require $xerte_toolkits_site->root_file_path . "modules/" .
$row_play['template_framework'] . "/play.php";

       

       show_template($row_play);                               

 

       }else{

       

       require $xerte_toolkits_site->root_file_path . "modules/" .
$row_play['template_framework'] . "/play.php";

 

       dont_show_template();

       

       }

 

}else{

 

       //dont_show_template();

       //going to show it anyway, as referer doesn't work in IE

       require $xerte_toolkits_site->root_file_path . "modules/" .
$row_play['template_framework'] . "/play.php";

       

       show_template($row_play);

 

}

 

This message and any attachment are intended solely for the addressee and
may contain confidential information. If you have received this message in
error, please send it back to me, and immediately delete it. Please do not
use, copy or disclose the information contained in this message or in any
attachment. Any views or opinions expressed by the author of this email do
not necessarily reflect the views of the University of Nottingham. 

This message has been checked for viruses but the contents of an attachment
may still contain software viruses which could damage your computer system:
you are advised to perform your own checks. Email communications with the
University of Nottingham may be monitored as permitted by UK legislation. 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nottingham.ac.uk/pipermail/xerte-dev/attachments/20120126/b9323529/attachment.html>


More information about the Xerte-dev mailing list