3
Quote:
the domain you are coming from
You mean they're clicking on a link to get to the site, so that their HTTP_REFERER indicates the domain on which they clicked the link?
Assuming that HTTP_REFERER isn't getting blocked, you could try something like this:
if (@$_SERVER['HTTP_REFERER'] == 'one.example.com') {
define('XOOPS_URL', 'http://two.example.com');
} else {
define('XOOPS_URL', 'http://three.example.com');
}
You could also test the IP address by using $_SERVER['REMOTE_ADDR'] instead of $_SERVER['HTTP_REFERER'].
Offhand, I can't think of any security issues. You have to keep in mind that HTTP_REFERER can be spoofed, so you shouldn't depend on that for authorization.
