My company's website rely heavily on $_SERVER["HTTP_REFERER"] and it use Session ID also. Problem is HTTP_REFERER is not reliable because it's data come from the web browser, just like javascript in a way. When I use the Hier Menus or the javascript, 'location.replace', it prevent the HTTP_REFERER from working and it instead show a blank.
I have been experimenting with a new sway of checking. Is there a way that Session ID that can completely replace the HTTP_REFERER? HTTP_REFERER have been a lot of help for my company's website because it prevent the direct access attempt without logging in. This is pretty important for the credit bureau. I'm open to your ideas and what you use... Thanks, Scott F. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
