altering the http referal string

i wnt to test out a few methods i've thought of to try and keep people from sending a fake referer string to post from outside of my sites domain. however im unsure how I can test this, does anybody know a way to alter the referal string in php so i can test them?
tsmittAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

SynstheCommented:
I have a function that can do this, however, I don't really want to post it in a public forum. It's not like the function itself is hard to do or anything, however I don't want to make it uber-easy for anybody who wants to do a search and pull up the function from my post here, then use it to attempt some malicious actions.

Paranoia? Yeah, probably. Oh well. =)

Drop me your email address and I'll send it to ya.
0
tsmittAuthor Commented:
hey that was an even quicker response then the one i got earlier i think. this place is cool.

tsmitt@email.com, i'll "accept comment as answer" if it works.
0
SynstheCommented:
Ah to hell with it. I found this function in a public forum, so it is out there for anybody who's intent on not writing it themselves anyway. Here is the code:

 1: function sendPost($host, $path, $data_to_send, $referer="", $useragent="") {
 2:
 3:    $fp = fsockopen($host,80);
 4:
 5:    $sendPost = "POST $path HTTP/1.1\n".
 6:                "Host: $host\n".
 7:                "Content-type: application/x-www-form-urlencoded\n".
 8:                "Content-length: ".strlen($data_to_send)."\n";
 9:
10:     if ($referer)
11:         $sendPost .= "Referer: $referer\n";
12:
13:     if ($useragent)
14:         $sendPost .= "User-Agent: $useragent\n";
15:
16:     $sendPost .= "Connection: close\n\n".
17:                  "$data_to_send".
18:
19:     fputs($fp, $sendPost);
20:
21:     while (!feof($fp)) {
22:             echo fgets($fp, 128);
23:     }
24:     fclose($fp);
25: }
26:
27: $host      = 'www.example.com';
28: $path      = '/cgi-bin/post.cgi';
29: $referer   = 'http://www.somehost.com';
30: $useragent = 'Marmoset Explorer 2000';
31: $data      = 'var=value&more=less&this=that';
32:
33: sendPost ($host, $path, $data, $referer, $useragent);

Modify the values as you so wish. $host and $path is where you want to post the data to. $data is the var/values in normal query string fashion.

This should work for ya.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
SynstheCommented:
Damned thing wrapped a few lines of code, but the line umbers should help sort that out.
0
tsmittAuthor Commented:
thanks!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.