|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #31507 HTTP_REFERER missing this
Submitted: 2005-01-12 04:24 UTC Modified: 2005-01-12 05:22 UTC
From: motion_4u at hotmail dot com Assigned:
Status: Not a bug Package: URL related
PHP Version: 4.3.10 OS: all
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Bug Type:
From: motion_4u at hotmail dot com
New email:
PHP Version: OS:


 [2005-01-12 04:24 UTC] motion_4u at hotmail dot com
I see that there is a misunderstanding issue regarding the HTTP_REFERER.
Please read thoroughly before you will automatically paste the phrase ?but it is not a php bug?? 
It is not a bug, it is only a very important missing option.

You have received hundreds of bug reports regarding the referrer and argument it that the problem is definitely due to the blocked communication of the browser since the REFERRER is returned from the browser.
Here, there is something very important that you have neglected.
Not only the browser calls a page. the server does it too!
For example, what is the value of the HTTP_REFERER of an included in another one? 
There are many situations that a PHP file is included in another PHP file before it is parsed and sent to the browser. In this case the HTTP_REFERER  is very well known by the SEVER or better to say by PHP! An included file MUST update the header with the URL of the caller which is already there.
It might seem something not important but if someone would like to make sure that only one file is allowed to call and include another php file on the server, the only way to verify it is to call the HTTP_REFERER and check who called this file. Incase that it happens on the server the HTTP_REFERER  must contain the URL.


A PHP file [referrer.php] includes a hidden value from the [hiddenphpfile.php]
file. The [hiddenphpfile.php] would return the hidden value only if the referrer is known
Yes, we all know that the file [referrer.php] is the referrer but PHP doesn?t know it and the value of the $referrer stays NOTHIG with your argumentation that the browser didn?t return anything. 
I hope that I could explain it better.

[FILENAME: hiddenphpfile.php]

 return (? $SomeHiddenValue?); 

[FILENAME referrer.php]

$ref=include "refer.php";
echo $ref;

Reproduce code:
[FILENAME: hiddenphpfile.php]

 return (? $SomeHiddenValue?); 

[FILENAME referrer.php]

$ref=include "refer.php";
echo $ref;

Expected result:
recieve the referrer value
incase that including a php file within another one.

Actual result:


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2005-01-12 05:22 UTC]
Sorry, but your problem does not imply a bug in PHP itself.  For a
list of more appropriate places to ask for help using PHP, please
visit as this bug system is not the
appropriate forum for asking support questions. 

Thank you for your interest in PHP.

This has nothing to do with PHP at all.
PHP Copyright © 2001-2022 The PHP Group
All rights reserved.
Last updated: Sat Oct 01 21:05:52 2022 UTC