检查页面是否在浏览器中查看? PHP
[英]check if page is viewed in browser? PHP
问题描述
I was wondering if there is any way to check a page has been ran in a browser (by a human) in PHP. 
我想知道是否有任何方法可以检查页面是否已在PHP的浏览器中(由人操作)运行。
I've got a page that only needs to be accessed through a cURL request. 我有一个页面,只需要通过cURL请求即可访问。 So I don't want users snooping around on it. 所以我不希望用户窥探它。
any ideas? 有任何想法吗?
thanks 谢谢
EDIT: 编辑:
Because this is one of those questions that are not easily found on the web, here's the solution i used: 因为这是在网络上不容易发现的问题之一,所以这是我使用的解决方案:
I came up with an idea thanks to anthony-arnold. 多亏了安东尼·阿诺德,我想出了一个主意。 Its not very stable, but it should do for now. 它不是很稳定,但现在应该这样做。
I simply sent the user agent in my cURL request: 我只是在cURL请求中发送了用户代理:
//made a new var with the user agent string.
$user_agent = "anything I want in here, which will be my user agent";
//added this line in the cURL request to send the useragent to the target page:
curl_setopt($ch, CURLOPT_USERAGENT, $user_agent);
and then I simply wrote an if statement to handle it: 然后我只写了一个if语句来处理它:
if
($_SERVER['HTTP_USER_AGENT'] == "my expected useragent - the string i previously placed into the $user_agent var."){
echo "the useragent is as expected, do whatever";
}
else if
($_SERVER['HTTP_USER_AGENT'] != "my expected useragent - the string i previously placed into the $user_agent var."){
echo "useragent is not as expected, bye now."; exit();}
And that did the trick. 那就成功了。
1 个解决方案
解决方案1
4 已采纳 2011-11-21 00:08:34
Check the User-Agent or use the get browser function to check which browser is requesting your page. 检查User-Agent或使用获取浏览器功能检查哪个浏览器正在请求您的页面。 You could configure your web server to fail unless a specific user agent is specified. 您可以将Web服务器配置为失败,除非指定了特定的用户代理。 You can set the user agent in cURL using the --user-agent switch (see the man page ). 您可以使用--user-agent开关在cURL中设置用户代理(请参见手册页 )。
Unfortunately, the user agent can be spoofed so you can never be absolutely sure that the one sent by the client is in fact correct. 不幸的是,用户代理可以被欺骗,因此您绝对不能绝对确定客户端发送的代理是正确的。
There is a problem with this idea though. 但是这个想法有一个问题。 If it's on the public web, you have to expect that people might try to access it in any way! 如果它在公共网络上,您必须期望人们会尝试以任何方式访问它! If the HTTP request is valid, your server will respond to it (under default configuration). 如果HTTP请求有效,则您的服务器将对其进行响应(在默认配置下)。 If you really don't want it accessed by any method other than your prescribed cURL one, then you might need to invest in some further authentication/authorization methods (eg username/passphrase authentication via SSL). 如果您确实不希望通过规定的cURL以外的任何方法访问它,则可能需要投资一些其他的身份验证/授权方法(例如,通过SSL的用户名/密码身份验证)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.