On Wednesday, January 30, 2002, at 03:32 AM, jas wrote:
> Using php3 is there a way to have a page only be access if the user is
> coming from another page? I don't quite know how to word what I am
> thinking
> but for instance...
> Form <-- page that contains a form to submit an email address to a
> mailing
> list
> Confirm <-- page that confirms the users email address
> Submit <-- page that connects to database and submits users email
> address
>
> What I want to do is have users not be able to access the submit page
> unless
> they are refered from the confirm page... Using php is this possible?
> And
> if so could someone point out somewhere that has more info so I may
> begin
> incorporating this into my scripts.
> Thanks in advance...
The best way to do this would be to have a page that calls ITSELF. And
certain parts of the page only execute if certain conditions are met,
i.e. an easy example:
(hint: start reading from the bottom for this one)
switch ($_POST['action']) {
case 'submit':
// take the contents of the previous form and send them
// to the mail function
// print a "message sent" message to the user's screen
// and a link out of this page back to your main site
case 'confirm':
// print the contents of the form from the previous instance
// of this page to the screen, with a "submit" button that
// says "confirm" and another hidden input that says
<input type="hidden" value="submit" name="action" />
// take the contents of the form and throw them into a variable
// that will be passed to the next (and final) instance of
// this page
default:
// print the form for the person to email
<form method="post" action="<?php $_SERVER['PHP_SELF']?>">
Contents <input type="textarea" name="email" />
// print a hidden variable in the form
<input type="hidden" value="confirm" name="action" />
// unless the form is filled out and submitted,
// this is the only thing anyone will ever see
}
See what happens? There is no way that the user will see the top two
sections (the 'confirm' and the 'submit' sections) unless they've done
what's needed in the "default" section. Unless they break your page
somehow.
Note that I've used PHP 4.1.0-style variable names, in case you're using
register_globals=0. You don't need to use them if you have
register_globals=1.
Erik
----
Erik Price
Web Developer Temp
Media Lab, H.H. Brown
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
