I need to perform a redirect if user comes from another address than bonaca... or if he typed another pass than 1405 or 999.
The following code is not working properly.
$referrer = $_SERVER['HTTP_REFERER'];
if (!(preg_match("/bonaca.net46.net/",$referrer))
or
!($_POST['pass'] == 1405
or
!$_POST['pass'] == 999)
{
header('Location: index.php');
};
From http://php.net/preg_match
Do not use preg_match() if you only want to check if one string is contained in another string. Use strpos() or strstr() instead as they will be faster.
Based on your comment: The following will be true if the referrer does not contain bonaca.net46.net or the password is anything other than 1405 or 999
$referrer = $_SERVER['HTTP_REFERER'];
if (strpos($referrer, "bonaca.net46.net") === FALSE
|| !($_POST['pass'] == 1405 || $_POST['pass'] == 999)
)
{
header('Location: index.php');
};
I would use a few temporary variables to make the condition less bloated:
$userFromBonaca = isset($_SERVER['HTTP_REFERER']) && strcasecmp(parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST) , 'bonaca.net46.net') == 0;
$validPass = isset($_POST['pass']) && in_array($_POST['pass'], [1405, 999]);
if (!($userFromBonaca || $validPass)) {
header('Location: index.php');
}