Reputation: 23159
what is the usage of the following function?
Take a look to this function please
function CheckHost()
{
$url = parse_url($_SERVER['HTTP_REFERER']);
$host = $url['host'];
if($host == $_SERVER['SERVER_NAME'])
return true;
return false;
}
i saw it somewhere, but can't understand it's usage.
is it for security reasons, or what?(as i see, it just verify is the last request from the same server as the script)
Thanks for attention
Upvotes: 1
Views: 64
Answers (4)
Reputation: 1754
It checks whether the referer is equal to the script location, basically its function is probably to prevent hotlinking.
Upvotes: 0
Reputation: 67004
This can be used for CSRF protection. The Referer will always be of a differnt domain and thus CheckHost() will return false.
Upvotes: 0
Reputation: 3455
It looks like its checking to see that the referrer is the same host name as the request. This is probably used for something like preventing other sites from directly linking to images or other content.
Upvotes: 0
Reputation: 724592
I suppose it's a simple check against cross-site request forgeries (CSRFs), or as others say, hotlinking. The PHP script calling this function would have to be executed on every HTTP request to the server in order to check for hotlinking, though.
Upvotes: 2
Related Questions
- What this do in PHP?
- What is the meaning of the following PHP Code
- What exactly does this function do in PHP
- pls explain the argument in this function
- Please explain this PHP Function Definition
- Unknown function
- Explain this function syntax
- meaning of the following php code?
- What does this code do?
- can someone explain what this php code is doing or its purpose