For example we have this URL:
https://www.domain.com/pdf.php?url=http://www.domain.com/report.php?id=341
I would like to know if it’s possible to somehow detect using PHP in report.php that pdf.php is trying to open access report.php?id=341.
If that’s possible I would limit later on that report.php can be called only by pdf.php, invoice.php etc.
BASICALY I want to make sure that report.php is requested by server and not human.
Is there perhaps a security risk?
I hope my question make sense. Thanks in advance.
You can try using the following to display the full contents of the $_SERVER array. It will show you the required variable you are looking for.