How do I find out where the request came from?

I have such a question. As on PHP, you can check whether a person came to this page with localhost - a or not. Moreover, $_SERVER['HTTP_REFERER'] cannot be used. You can also not check for 127.0.0.1. What other ways are there?

Author: Kyubey, 2011-12-22
Source

8 answers

To find out if a person is an outsider or not, run the script.

Option 1: set a password. Either by session or by httppassw.
Option 2 (used in CMS): the inclusion pulls up the file where the variable is set. Then, each CMS script checks for the presence of a variable.
Option 3: all links to the site must contain some kind of get request (href="site.ru/?partnerId=21534"), the value of which is written to the session. It turns out option 1, only more transparent.

 2
Author: ling, 2011-12-22 11:52:38

If the client(browser) it will not send this information(and many do not send it by default), you can not find it out. Unless, with accuracy: whether it came from your site or not from your site. If the information is sent, it is in HTTP_REFERRER

 1
Author: knes, 2011-12-22 10:37:39

"We need to check if an outsider is running the script on the server. " 

<?php
$ip = $_SERVER['REMOTE_ADDR']; //ip зашедшего на страницу
$your_ip = '182.54.12.482'; //ip с которого можно заходить
if($ip !== $your_ip){
    echo 'Ахтунг! Чужой!';
    exit();
}

Or did I misunderstand?

 1
Author: Elime, 2011-12-22 11:34:40

Did you take into account that if a person just typed the address of your site or its page in the address bar, then there will simply be no such thing as $_SERVER['HTTP_REFERER'] at all?

Generate a cookie for yourself and check its availability, do not give someone else's cookies and you will be happy without passwords

 1
Author: zippp, 2011-12-23 06:45:59

There are two variables $_SERVER['HTTP_REFERRER'] and $_SERVER['REMOTE_ADDR']

 1
Author: Shamanis, 2011-12-31 16:04:45 
if(empty($_SERVER['HTTP_REFERRER']))
{
  echo 'localhost or http://' . $_SERVER['HTTP_HOST'];
}
 0
Author: Palmervan, 2011-12-22 11:27:16

This is how the browser sends the request:

GET http://ru.stackoverflow.com/posts/64726/ivc/95ee?_=1431120826827 HTTP/1.1
Host: ru.stackoverflow.com
Connection: keep-alive
Accept: */*
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.2.9999.797 Safari/537.31
Referer: http://ru.stackoverflow.com/questions/64726/%d0%9a%d0%b0%d0%ba-%d1%83%d0%b7%d0%bd%d0%b0%d1%82%d1%8c-%d0%be%d1%82%d0%ba%d1%83%d0%b4%d0%b0-%d0%bf%d1%80%d0%b8%d1%88%d0%b5%d0%bb-%d0%b7%d0%b0%d0%bf%d1%80%d0%be%d1%81
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: smth=was-here;

I pay attention to the title host. Yes, and there is an address in the url itself.

 0
Author: Qwertiy, 2015-05-08 21:35:25

The question is relevant to me. I'm looking for a way to do something like this, but so far it turns out to be something like this. I am not sure that this will give the expected result, but I am close to it. In any case, SERVER_NAME gives the necessary information about the server name, it remains only to determine this information about the request server. HTTP_HOST gives the wrong information.

if ( $_SERVER['HTTP_HOST'] != $_SERVER['SERVER_NAME'] ) {

}
 0
Author: x-positive, 2017-06-05 13:54:30