What I have in mind is this... We are going to have people come from a particular site during a acquisition campaign and was wondering how I could conditionalize a certain section of my site to display a thank you message instead of the sign up form as they would have had the opportunity to fill this out before coming to my landing page.
I have seen solutions like: $referal = mysql_real_escape_string($_SERVER['HTTP_REFERER']);
I would like to know if this is the best way to get this to work???
->>> okay this is what i think might work. The third party website that is referring people to our landing page once the form on that site has been filled out can push into the record a hidden input value of "www.sample.com" or whatever... then I can have something check the for that particular value and fire off the conidtional.
Does that even sound right?
$_SERVER['HTTP_REFERER']
is the most reliable information you'll get about where your visitor came from. And it's not at all reliable. Some browsers may be configured to not send that header at all, and anybody can send misinformation, claiming they came from http://ultra-secure.top-secret.government.gov/ if they feel so inclined.
With that caution in mind, it sounds like perfect reliability isn't a consideration here, and you're just hoping to save some time for visitors with a correct HTTP_REFERER
set.
In that case, comparing the beginning portion of that value to the www.example.com address where you expect visitors to originate with pre-filled-out signup information, would be the best way to go.
Here's an example:
$site = "http://www.sample.com/";
if (!empty($_SERVER['HTTP_REFERER']) &&
substr($_SERVER['HTTP_REFERER'], 0, strlen($site)) == $site) {
//if execution reaches this point, user claims he came from www.sample.com
}
Based on your overall use case, I'd say that the best way to do this is to have the website that's referring to you pass a special POST or GET param, whichever is appropriate.
If you don't know if it sounds right, you'll have a hard time implementing it.
What you can do is this:
$_SERVER['HTTP_REFERER']
, but you don't need a mysql_real_escape string around that just to check if the user comes from a particular site. Note that the referer is basically "user-defined", so you can neither rely on it nor trust it.<input type="hidden" ..
. Note that this can be faked too.if( isset($_GET['ref']) )
the form would look like this <form action="http://yoursite/register.php?ref" method="POST">
.