What are some alternative methods to using the referrer header to control access between PHP pages?

Using the referrer header to control access between PHP pages can be unreliable as it can be easily manipulated or spoofed. An alternative method is to use sessions to track a user's authentication status and restrict access based on that.

// Start a session
session_start();

// Check if the user is authenticated
if(!isset($_SESSION[&#039;authenticated&#039;]) || $_SESSION[&#039;authenticated&#039;] !== true) {
    // Redirect to login page
    header(&quot;Location: login.php&quot;);
    exit();
}

// Your protected page content here

Keywords

referrer header access control alternative methods PHP pages security

What are some alternative methods to using the referrer header to control access between PHP pages?

Keywords

Related Questions