CODEWITHSUNDEEP
phpjavascripthtmlseo
user1187
user1187

Reputation: 2198

"Thank you" page should not show when some one types the URL, How would you do this?

I have a website. If some one posts an inquiry it goes to the thank you page www.legasy.com/thankyou/ the URL will be like that. When I am analyzing the webmaster tools its showing more thank yous than inquirys.

After filling form fields validating and inserting that values into the table. It will go to thank you page. But if some one types the url it should not go to thank you page. What I can do for this?

Bellow is my code

HTML

<form>
 <table>
    <tr><td>Name</td> 
        <td><input type="text" name="buyer_name" id="buyer_name"  size="31" value="" /></td>
     </tr>
    <tr> <td>Email</td> 
         <td><input type="text" name="buyer_email" id="buyer_email"  size="31" value="" /></td>
    </tr>
    <tr> <td>Contact No</td>
         <td>   <input type="text" name="buyer_mobile" id="buyer_mobile" size="31" value=""/></td>
    </tr>
    <tr>                                        
         <td colspan="2" style="text-align:center;">
            <div id="post_enquiry"><img src="./images/for_more_det_click.gif" onclick="postBuyerEnquiry();" style="cursor:pointer;"/></div>
          </td>
    </tr>
 </table>
</form>

Javascript

<script type="text/javascript" src="../scripts/jquery.min.js"></script>
<script type="text/javascript" language="javascript">

function postBuyerEnquiry()
{

    var nametxt = document.getElementById('buyer_name').value;
    var emailtxt = document.getElementById('buyer_email').value;
    var phonetxt = document.getElementById('buyer_mobile').value;
    output ="text";

  if(nametxt=='')
  {
      alert("Please Enter Your Name");
      return false; 
  } 
  else if(emailtxt=='')
  {
      alert("Please Enter Your Mail Id");
      return false;
  }

     else if(phonetxt=='')
     {
          alert("Please Enter Phone Number");
          return false; 
     }
    process = 'loadEvent';
        output = 'text';
      url = "test4.php";        
    $.get(
            url,
            {'act':'SBQF', 
             'name':nametxt, 
             'email':emailtxt,
             'phone':phonetxt,
            },
            function(responseText)
            {
                 window.location.href = '/legasy.com/thankyou/';
            },
            "html"
        );

}

PHP

<?php
if ( !empty($_POST['act']) )
{
    $act        =   formatstring($_POST['act']);
}

switch( $act )
{
    case "SBQF":

         $strName         = $_GET['name'];
         $strEmail        = $_GET['email'];
         $strPhone        = $_GET['phone'];
             //Inserting values into the database   
         exit;  
     break;
}
?>

or

If anyone type the URL (www.legasy.com/thankyou/) it want to go to the error page

Upvotes: 1

Views: 215

Answers (3)

Sterling Archer
Sterling Archer

Reputation: 22405

I would consider using a $_SESSION value on the thankyou page. That way, if somebody manually enters the URL without previously having the $_SESSION['visited'] (visited is just an assoscative value, you don't have to use it), you can use header() to redirect them wherever you need.

Upvotes: 1

Osiris
Osiris

Reputation: 4185

if ( !empty($_POST['act']) )
{
    $act        =   formatstring($_POST['act']);
}
else {
    header('Location: www.legacy.com/error');
}

Note that someone can still go to the thankyou page by spoofing a POST value.

Upvotes: 0

Praveen Kumar Purushothaman
Praveen Kumar Purushothaman

Reputation: 167182

Wrap everything else inside else

else { // Give this here
    process = 'loadEvent';
        output = 'text';
      url = "test4.php";        
    $.get(
            url,
            {'act':'SBQF', 
             'name':nametxt, 
             'email':emailtxt,
             'phone':phonetxt,
            },
            function(responseText)
            {
                 window.location.href = '/legasy.com/thankyou/';
            },
            "html"
        );
    return false;
}

At any time, this gets executed. Also, give a return false; in the end of the else part too!

Access Denied stuff

If you want the users not access the www.legasy.com/thankyou/ page directly, you can set a session. The moment you do success thing, you can set a session this way.

session_start();
if (condition on success)
    $_SESSION["thankyou"] = true;

In the www.legasy.com/thankyou/ page,

session_start();
if (!isset($_SESSION["thankyou"]) && $_SESSION["thankyou"] != true)
{
    header('Location: /error/');
    die();
}

Upvotes: 2

Related Questions