Jump to content

How to Prevent

skwap

By skwap
in PHP Coding Help

 Share

Recommended Posts

skwap Member

skwap

Posted
Posted

Hello Guys,

 

Iam making a new ad serving script. In that site every publisher can register & they will get a url to serve ads. When a user click on that url the publisher will get earnings.

But my problem is someone using something like this <iframe src="http://my-site.com/adserve.php" width = "100" height = "100"></iframe> & it will helps to get earnings without clicking on that url.

I want to prevent this type of cheating & how it can be possible ??

 

I hope a expert will replay for me. :shy:

Link to comment
Share on other sites
skwap Member

skwap

Posted
  • Author
Posted

It's a bit unclear for me what you normally expect, because you didn't describe that with an example.

May I assume you don't want to allow an Iframe? And that you just want them to leave an ordinary link?

 

yeah i want to disable the iframe from users site.

don't show the contents of url while using <iframe> i mean i want to block that way to browse the link.

Link to comment
Share on other sites
cssfreakie Regular Member

cssfreakie

Posted
Posted

well if you don't want to allow iframes. make sure the input of your users is as expected.

 

I assume you have a some sort of a form where one can insert a link (and apparently also an iframe).

What i would do is make an input field, and validate if the value is as expected. In this case is it a valid URL if not tell them.

for instance as follows:

 

<?php
$string = $_POST['url']; // value comes from form

if(filter_var($string, FILTER_VALIDATE_URL)){
    echo 'correct'; // use it
}else{
    echo 'incorrect';
}

?>

 

As for outputting the url you could use htmlspecialchars() to prevent that the current iframes are being loaded or other sneaky things happen. (mostly to deal with stuff that was not ones validated )

\
<?php
echo htmlspecialchars($url);

?>

Link to comment
Share on other sites
skwap Member

skwap

Posted
  • Author
Posted

I think you are not understood what iam say & what i expected  :'(

 

I will explain fully....

 

consider this url - http://my-site.com/ads/adserve.php

 

suppose if you visit this url then you can see the plain text "HELLO FREINDS" , i know it is also possible to show in any site by using <iframe src="http://my-site.com/ads/adserve.php" width = "100" height = "100"></iframe> it means visitors will see HELLO FRINEDS on site without visiting the url.

My aim is to block that & if a person try to get contents from http://my-site.com/ads/adserve.php by using <iframe> & they must show a blank page.

 

Got idea ??

 

 

 

Link to comment
Share on other sites
Psycho Prolific Member

Psycho

Posted
Posted

I think you are not understood what iam say & what i expected  :'(

 

I will explain fully....

 

consider this url - http://my-site.com/ads/adserve.php

 

suppose if you visit this url then you can see the plain text "HELLO FREINDS" , i know it is also possible to show in any site by using <iframe src="http://my-site.com/ads/adserve.php" width = "100" height = "100"></iframe> it means visitors will see HELLO FRINEDS on site without visiting the url.

 

How do you figure that? If your url is loaded in an iframe it is still being "visited" by the user. The user's browser is still making the request and displaying the page. But, ok, let's just say you want to prevent your page from being loaded in an iframe. Just do a Google  search for "javascript break out of frames". There are plenty of ready made script to make a page "break out" of a frame if the browser loads it into one. Is it foolproof? Not be any means, but it should prevent the majority of users that want to do that. But, be assured that someone with even a modicum of programming skills would be able to programmatically load the content of your page without that javascript code being implemented.

Link to comment
Share on other sites
codefossa Member

codefossa

Posted
Posted

Simple Javascript to make your page the parent.

 

function makeParent()
{
    if (top.location != location)
    {
        top.location.href = document.location.href;
    }
}

 

When window loads call the function.  It will direct enough people away from them that they won't do it. :P

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.