Question : wordpress php blog

Hi Experts,

I Have a Blog In the Website www.websitename.com say at( http://www.websitename.com/wordpressBlog/ ) which is a wordpress blog.
In My Website i'm calling the wordpress blog in Iframe the url of the Iframe is ( http://www.websitename.com/Blog/ )

& i donot wan't any one to directly open the url given in the iframe i.e ( http://www.websitename.com/Blog/ ).so if any one tries it needs to show ( http://www.websitename.com/wordpressBlog/ )

1) My Question How can i achieve this i.e by php or by .htaccess and how ?


These are the things which i had tried with partial success

so added these line of code in the index.php of the wordpress


if(empty($_SERVER['HTTP_REFERER'])) header("location:http://www.websitename.com/wordpressBlog/");
// when the refferrer is empty it will redirect to my Blog with iframe


if(!strstr($_SERVER['HTTP_REFERER'],'websitename')) {
      header("location:http://www.websitename.com/wordpressBlog/");
}
//When a user is refrred from other website it will redirect to my Blog with iframe

2)The problem with this is when i open any link of the wordpress in new tab - it is opening directly http://www.websitename.com/Blog/testpage.


So how can i restrict so that it gets open with the official url http://www.websitename.com/wordpressBlog/

Answer : wordpress php blog

I would never rely on 'HTTP_REFERER'.  From < http://php.net/manual/en/reserved.variables.server.php > :

"This is set by the user agent. Not all user agents will set this, and some provide the ability to modify HTTP_REFERER as a feature. In short, it cannot really be trusted."


There was a number of solutions that I could think of for this problem.  I am not sure how reliable they are, depending on the level of security needed.


(1) Javascript:

//child.php
<script type="text/javascript">
window.onload = function() {
  alert(window.parent.location.href);
  alert(window.top.location.href);

  if(window.parent.location.href.indexOf('myparent.php') < 0) {
    window.location.replace("http://google.com");
  }
}
</script>


(2) $_GET

//parent.php
<iframe src="child.php?pw=someverylongpassword">
</iframe>

//child.php
if($_GET['pw'] != '...') {
  header(...);
  die();
}


(3) $_SESSION (don't know if this will work opening tons of tabs)

//parent.php
$_SESSION['parent'] = TRUE;

//child.php
if(!$_SESSION['parent']) {
  header(...);
}

$_SESSION['parent'] = FALSE;




You could also use htaccess ReWriteRule, but the solution would be only as good as the ones already listed.  #3 would be the most secure, if it works.  I don't think you'll be able to find a full-proof secure solution, but these solutions will work for just general purposes.  I'll let you know if I think/find of anything else.  If you need further details/helps with one of these solutions, I'll explain it in more detail.
Random Solutions  
 
programming4us programming4us