Vincent Chua
Reputation: 1009
Prevent access to thank you page?
I have a php form and I'm redirecting from:
http://wthdesign.net/contact.php
to this url:
http://wthdesign.net/contact.php?status=thanks
once my form is send:
but my problem is how do I prevent access to this url if the form was never sent in the first place?
Upvotes: 0
Views: 158
Answers (2)
Raymond Nijland
Reputation: 11602
Show us the source code off contact.php
indeed SESSION is proberly the best way to go, and set the session like this.
if (mail(...)) {
$_SESSION['allow_show_thanks'] = 1;
}
you have proberly some kind of switch case to handle status?
if (status == "thanks") {
} else {
// show form
}
change that to
if (status == "thanks" && (isset($_SESSION['allow_show_thanks'] && $_SESSION['allow_show_thanks'] == 1) ) {
// show thanks when status equals "thanks" AND SESSION['allow_show_thanks'] == 1
} else {
// show form
}
Upvotes: 1
M.Svrcek
Reputation: 5645
you just need to create session in the form and you need to check, whether the session was set with isset function. If not, use die at the beginning.
if (!isset($_SESSION['thank'])) die;
Upvotes: 2
Related Questions
- preventing direct access to a php page, only access if redirected
- Disallowing user to view page
- deny access php page but still make it possible to be included
- how to block direct access using url to multiple thank you pages?
- Prevent user access PHP page directly
- Stop user from viewing page if condition is not met
- "Thank you" page should not show when some one types the URL, How would you do this?
- Disable direct access to php page but allow the access if reached from specific page
- PHP: prevent direct access to page
- Stop a user directly accesing a page