Determining Referer in PHP

Question

What is the most reliable and secure way to determine what page either sent, or called (via AJAX), the current page. I don\'t want to use the $_SERVER[\'HTTP_REFERER

Answer 1

Using $_SERVER['HTTP_REFERER']

The address of the page (if any) which referred the user agent to the current page. This is set by the user agent. Not all user agents will set this, and some provide the ability to modify HTTP_REFERER as a feature. In short, it cannot really be trusted.

if (!empty($_SERVER['HTTP_REFERER'])) {
    header("Location: " . $_SERVER['HTTP_REFERER']);
} else {
    header("Location: index.php");
}
exit;