Ok, now I'm obsessed.
Check it out, here is my script with your version of the if evaluation:
Code:
<?php
// simple cloaker
$referer= $_SERVER['HTTP_REFERER'];
// edit these variables
$hidefrom = array("dev.facebook", "devrs001.facebook.com", "/intern/ads/review.php");
$normal_url ="www.evil-landing-page.com";
$cloaked_url ="www.passable-landing-page.com";
// uncomment below for testing yourself as one of the referers
$referer = "dev.facebook";
foreach ( $hidefrom as $value ) {
if (strpos($referer, $value )) {
header("Location: http://" . $cloaked_url );
exit;
}
}
header("Location: http://" . $normal_url );
exit;
?>
Try it out. It doesn't work. It redirects to evil landing page. At least for me. (??)
Sean
It can't work because the position of "dev.facebook" in "dev.facebook" is 0, which will return false. That's what ryan pointed out
The way you did it with !== works with the temp $referer because it compares the type, and 0 is not false. Lol. I guess it depends on how you want to do it.
So in the light of this example, using strpos, I'd say you are actually right and the methods are not
exactly the same. I'm used to writing it the short way and that's why I put it up like that, it was a quick answer and I should have given the strpos more thought.
Btw if you replace the temporary $referer variable with "http://dev.facebook.com", it will work because the position is not 0, but 7. This actually also closer to real life, because it is what $_SERVER['HTTP_REFERER'] returns.
So...
* my example works in real life and is shorter.
* your example works in real life and is better.
* cloaking by referer is unreliable anyway.
* omitting the type check === when using strpos this way is a bad idea.
* now let's have a drink!
Cheers
