no permitir que una pagina se hara directamente

Eduardo
17 de Abril del 2004
Hola a todos soy nuevo en eso del php, el problema que tengo es q' quiero restringir el acceso a ciertas paginas.. y q' nada mas puedan accessar desde el home de mi aplicacion. ejemplo:
que el usuario cuando teclee esta direccion
http:/servidor/reportes/reporte1
le aparecas algun mesaje diciendo q' no puede accesar directamente si no es por la pagina principal.. como le puede hacer.. gracias

cl
17 de Abril del 2004
Hace un tiempo bajé este código, no lo he probado pero funciona de forma similar a lo que tu quieres, si un usuario accede desde una página no autorizada redirecciona a la página que tú indiques.

Ojalá te sirva

################################# DENY ACCESS ################################

##############################################################################
#
#
# COPYRIGHT NOTICE
#
# DenyAccess Vn. 1.0
# Copyright (c) 1999 - 2003 JemWeb Internet Designs. All rights reserved.
# Created 04/12/02 Last Modified 11/12/02
# Derek Jempson, http://www.jemscripts.co.uk
# E-mail: [email protected]
#
##############################################################################
#
# This software can be used for any purpose, either private or commercial
# provided that all files contained in the distribution are kept intact
# and are not altered in any way.
#
# DISCLAIMER
#
# This software is provided "as is", without warranties of any kind either
# expressed or implied, including but not limited to the warranties of
# merchantability, fitness for a particular purpose and non-infringement.
# In no event shall the authors or copyright holders be liable for any claim,
# damages or other liability, whether in an action of contract, tort or
# otherwise, arising from, out of or in connection with this software or the
# use or other dealings in this software.
#
##############################################################################



IMPORTANT
---------

If this file displayed in yout browser window after you clicked the.
"Download Now" button, save it as a TEXT file (.txt extension) and then
open it in a TEXT EDITOR (such as Windows Notepad) on your computer.
DO NOT use a word processor to view and use this file.

Requirements for using DenyAccess
---------------------------------

To run DenyAccess, you will need:

a) Web space that has PHP4.11 or higher installed.
b) A Unix or Linux server (this program is not tested for Windows servers,
but will probably work on one)
c) An FTP program to upload the files to your Web space.
d) A Web browser that has JavaScript enabled.

Instructions for using DenyAccess
---------------------------------

1. Copy the code that follows these instructions, that's everything between

<!-- ********** START OF DENY-ACCESS CODE ********** -->

and

<!-- *********** END OF DENY-ACCESS CODE *********** -->

2. Paste the code into the web page to which you want to restrict access.
The code should be pasted immediately after the <BODY> tag like this:

<HTML>
<HEAD>
</HEAD>
<BODY>
<!-- ********** START OF DENY-ACCESS CODE ********** -->

code

<!-- *********** END OF DENY-ACCESS CODE *********** -->

remainder of page code......
</BODY>
</HTML>

3. If the file doesn't already have a .php extension, then change it
(e.g. "myfile.html" would become "myfile.php").

4. Upload the page to your Web space (in ASCII mode) using the FTP program.

5. The code will now prevent both direct access (when someone types the
URL of the page into their browser), or access from a link on any page
from a domain that is not your "allowed domain". Any attempts to open
the page from anywhere other than the "allowed domain" will be
intercepted by the alert message, and on clicking the "OK" button the user
will be redirected to another page or URL, sent back to the URL from where
they came, or their browser window will be closed, depending on the choice
that you made when setting-up the script.

Note: If your "allowed domain" is on a secure server (https), access will
be blocked regardless, as the referring URL is "hidden".



<!-- ********** START OF DENY-ACCESS CODE ********** -->
<?php
$Referer = getenv("HTTP_REFERER");

if (!strchr($Referer, "http://PAGINA DESDE LA QUE SE ACCEDE")) {
echo "<script>alert('REDIRECCIONANDO');window.location='http://PAGINA A LA QUE SE ENVÍA USUARIO QUE NO ACCEDA DESDE LA PÁG PERMITIDA';</script>";
exit();
}
?>
<!-- *********** END OF DENY-ACCESS CODE *********** -->



If you have any problems with using this script, please e-mail:
[email protected]



##############################################################################