How does the HTTP_REFERER variable impact the behavior of the PHP script when downloading files?

The HTTP_REFERER variable contains the URL of the page that linked to the current page. This variable can be used to restrict access to files based on where the request originated from. By checking the HTTP_REFERER variable in the PHP script that handles file downloads, you can ensure that files are only downloaded when the request comes from an authorized source.

if(isset($_SERVER[&#039;HTTP_REFERER&#039;]) &amp;&amp; strpos($_SERVER[&#039;HTTP_REFERER&#039;], &#039;example.com&#039;) !== false){
    // Allow file download
    $file_path = &#039;path/to/file.pdf&#039;;
    header(&#039;Content-Type: application/pdf&#039;);
    header(&#039;Content-Disposition: attachment; filename=&quot;file.pdf&quot;&#039;);
    readfile($file_path);
} else {
    // Redirect or display an error message
    header(&#039;Location: unauthorized.php&#039;);
}

Keywords

HTTP_REFERER PHP script downloading files variable behavior

How does the HTTP_REFERER variable impact the behavior of the PHP script when downloading files?

Keywords

Related Questions