samedi 16 mai 2015

Simple random link generator, omitting refering page

I've noticed quite a high bounce rate on by site. People are staying on the page they land on but not going anywhere else. So I thought I would add a random link generator put it at the bottom of the page. I digress.

Problem is I don't really know PHP, I have to google everything, plus im terrified of forgetting some kind of attack vector.

so I've come up with this:

<?php
if (isset($_SERVER['HTTP_REFERER']) && preg_match('/^http:\/\/(www\.)?puzzles\.nigelcoldwell\.co\.uk\/[a-z]{3,15}\.htm$/' ,$_SERVER['HTTP_REFERER'])) {
    $oldlink=$_SERVER['HTTP_REFERER'];
    }
else{$oldlink="";
}
do{
    $newlink = generate();
} while($newlink == $oldlink);
header("Location: $newlink"); 

function generate(){
$links = array(
"http://ift.tt/1EOH2hO",
"http://ift.tt/1FjVvWv",
"http://ift.tt/1EOH3Ci",
"http://ift.tt/1FjVvWw",
"http://ift.tt/1EOH3Ck",
"http://ift.tt/1FjVu52",
"http://ift.tt/1EOH3Cq",
"http://ift.tt/1FjVu54",
"http://ift.tt/1EOH2y5",
"http://ift.tt/1FjVu56",
"http://ift.tt/1EOH2y7",
"http://ift.tt/1EOH3SM",
"http://ift.tt/1skKhID",
"http://ift.tt/1EOH3SS",
"http://ift.tt/1FjVuls",
"http://ift.tt/1FjVulu",
"http://ift.tt/1FjVulw",
"http://ift.tt/1FjVuly",
"http://ift.tt/1xE7854",
"http://ift.tt/1FjVulz",
"http://ift.tt/1EOH2yh",
"http://ift.tt/1xE7bhc",
"http://ift.tt/1EOH49c",
"http://ift.tt/1EOH49e",
"http://ift.tt/1FjVulA",
"http://ift.tt/1FjVulB",
"http://ift.tt/1FjVvWA",
"http://ift.tt/1EOH49j",
"http://ift.tt/1EOH49l",
"http://ift.tt/1EOH2OA",
"http://ift.tt/1xE7clg",
"http://ift.tt/1EOH2OC",
"http://ift.tt/1EOH49n",
"http://ift.tt/1EOH2OD",
"http://ift.tt/1EOH49r",
"http://ift.tt/1xE7c4K",
"http://ift.tt/1FjVxh3",
"http://ift.tt/1n6JvPf",
"http://ift.tt/1n6Jw5z",
"http://ift.tt/1FjVxh5",
"http://ift.tt/1EOH49t",
"http://ift.tt/1EOH4pJ",
"http://ift.tt/1FjVvWL",
"http://ift.tt/1EOH2OK",
"http://ift.tt/1EOH2OM",
"http://ift.tt/1EOH4pL",
"http://ift.tt/1FjVxhb"
);

$possiblelink = $links[array_rand($links,1)];
return $possiblelink;
}
?>

My questions are:

  • 1 Am I safe?
  • 2 Does the bit that is meant to stop it returning the same page as you are on look like it would work? I mean i can see that it generates random links OK, because i can test it. but i want to check that it wont return the current page too.



Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)