Skip to navigation

Skip to additional stuff

Thursday, July 14, 2005

Using http_referer in PHP

Every browser sends a referer in the header. (The HTTP header contains additional information about you and the webpage you’re requesting). The referer is the site you’ve been on before requesting the current site. That means you can see where people came from. Here is a nice and effective technique on how you can use the referer in a web application.

You are on a typical website. Let’s say Jobazaar. You’re logged in. You want to log out. But, wait, you just want to log out, not leaving the page you’re currently viewing. Uhmm.. it’s Jobazaar, so just click “log out”.

What happens? You get the same page, you’re just not logged in anymore. Some magic caused by the referer in the HTTP header. Remeber: We are not passing any arguments through the URL.

This is what happens in the logout script:

....
(some magic things you'll never get to know)
....
if(@$_SERVER['HTTP_REFERER'] != '')
   header('Location: '.$_SERVER['HTTP_REFERER']);
else
   header('Location: http://www.example.com/');
....

header('Location: ...'); does a 302 redirect to the specified site. The user will not notice any redirecting.

These are four lines that can make a huge improvement on usability. It’s the small things that count. People won’t take much notice of this improvement, but they have a better experience when surfing your site since they don’t have to navigate back to the point they’ve been on when logging out.

I’ve to say that there are areas on a website where you can’t get back to after logging out. That’s no problem, because those ‘areas’ should automatically redirect you to some ’safe’ place. No improvement there, however.

9:51 pm | Filed under: , , 14 Comments | the j-blog

14 Comments on “Using http_referer in PHP”

Leave a comment | Trackback URL | RSS feed for comments on this post
  • 1.
    Posted by
    bruce
    2005-8-12
    12:30 am

    How the heck does this actually do anything? It looks to me like it just reloads the same page.

  • 2.
    Posted by
    Julian
    2005-8-12
    8:38 am

    Uhm, well, yes.

    Like it says in the article: “You get the same page, you

  • 3.
    Posted by
    bruce
    2005-8-16
    1:18 am

    So how are you not logged in any more? I really don’t understand. Is it because you were tracking session through GET variables and these have been stripped or something?

  • 4.
    Posted by
    Julian
    2005-8-16
    9:32 am

    That discussion gets weird. Maybe I should rewrite the article. It should’ve been just an example for using HTTP_REFERER, nothing more. You can perform an action (’log out’) and get back to the same page, without passing anything through the URL.

  • 5.
    Posted by
    A.
    2005-8-31
    10:35 pm

    This code was a great help. I found it in a G search where I was seeking help getting a login (with a form posting to itsself) to redirect back to the referring page. I didn’t have much luck with what I tried. Any suggestions?

    cheers,

    A.

  • 6.
    Posted by
    A.
    2005-8-31
    10:38 pm

    To be more specific, I’m looking to do this in situations where people have bookmarked pages that are only accessible with session data where they’ve been 302 redirected to the login page.

    A.

  • 7.
    Posted by
    A.
    2005-8-31
    11:30 pm

    So, I just ended up passing the referring page as a URL variable to the login, and that seemed to work.

    A.

  • 8.
    Posted by
    haseebmohammed
    2005-11-9
    2:34 pm

    yeh i understood the concept but iam bit confused about how to use this HTTP_REFERER where should i apply and how should i.please tell me how to check this.

  • 9.
    Posted by
    Julian
    2005-11-9
    5:13 pm

    @haseebmohamm: If you understood the concept, what’s the problem? Could you please concretize your question?

  • 10.
    Posted by
    davy
    2005-11-17
    11:04 pm

    Sounds great, but when i echo or try the example i get nothing. does this require some type of setting from my host server. Maybe my server wont allow the command to display? wish I could get thi to work….

  • 11.
    Posted by
    Tim Hawkins
    2006-4-22
    10:07 am

    I was just wondering about something.

    If for example in a login script you were in a page in a subfolder so your url would be simething like this “http://www.visitediste/subfolder1/page1.php”
    and your login script is taking you above your subfolder then HTTP_REFERER refer would take you to:
    “http://www.visitediste/page1.php”. I tested this out and I think I’m correct

  • 12.
    Posted by
    Mahendra Choudhary
    2006-7-15
    1:21 pm

    Hi,it is really marvellous.

  • 13.
    Posted by
    Sherlin Fernandes
    2008-9-15
    12:34 pm

    This is utter waste,nothing it explains about the HTTP_REFFER and nor does it explain how to do it.If i have logged in and has a link to forward.How that link will work exteranally as he has to login.

    Utter waste

  • 14.
    Posted by
    atasözleri
    2010-3-10
    10:09 am

    Thanks you but this is doesn’t working.

    Header request hasn’t referer data.

    Can anyone help me please?

Leave a comment

Your e-mail address will never be displayed.

(required)

(required)


Navigation

© Copyright Julian Bez 2010. All rights reserved, unless otherwise mentioned.
For your convenience: All times are GMT.
Built with valid things such as XHTML and CSS.

PLEASE NOTE: This site will look much better in a browser that supports web standards, but it is accessible to any browser or Internet device. more info...