links.php,其中包含以下代码:
$ipaddress = $_SERVER["REMOTE_ADDR"];
<p><a href="track.php?page=http://www.google.co.uk" target="_blank">google.co.uk</a></p>
<p><a href="track.php?page=http://www.bbc.co.uk" target="_blank">bbc.co.uk</a></p>
<p><a href="track.php?page=http://www.cnn.com" target="_blank">cnn.com</a></p>
<p><a href="track.php?page=http://www.yahoo.co.uk" target="_blank">yahoo.co.uk</a></p>
track.php捕获点击的链接:
mysql_connect("localhost", "root", "") or die(mysql_error());
mysql_select_db("mydb1") or die(mysql_error());
$redirect = mysql_real_escape_string($_GET['page']);
$ipaddress = $_SERVER["REMOTE_ADDR"];
$page_insert = mysql_query("INSERT INTO link_track (myurl, myip1, mydate) VALUES ('$redirect', '$ipaddress', now())") or die(mysql_error());
header("Location: $redirect");
无论如何都要阻止某人直接访问track.php。
非常感谢您的帮助,谢谢。
我对其他问题的道歉:
如果我想从网址中删除http://www.部分,我可以修改我的track.php代码如下:
mysql_connect("localhost", "root", "") or die(mysql_error());
mysql_select_db("mydb1") or die(mysql_error());
$redirect = mysql_real_escape_string($_GET['page']);
$redirect2 = parse_url($redirect, PHP_URL_HOST);
$redirect2 = preg_replace('/^(www\.)/i', '', $redirect2);
$ipaddress = $_SERVER["REMOTE_ADDR"];
$page_insert = mysql_query("INSERT INTO link_track (myurl, myip1, mydate) VALUES ('$redirect2', '$ipaddress', now())") or die(mysql_error());
header("Location: $redirect");
答案 0 :(得分:4)
您不能阻止某人直接访问它,因为您需要通过Web访问它才能使链接正常工作,但您可以处理URL查询字符串不包含page参数的异常。
实施例
if (empty($_GET['page'])) {
header("HTTP/1.0 400 Bad Request", true, 400);
exit('400: Bad Request');
} else {
// code from current track.php
}
答案 1 :(得分:0)
您可以借助session
session_start();
$_SESSION['user'] = 1;
if(!isset($_SESSION['user'])) {
header("location:links.php");
}else {
// your insert query
}