Hopefully your not doing this to protect a document. The HTTP_REFERER header is incredibly easy to fake. The other problem is that not all browsers will supply it.

-Lee

"To be civilized is to deny one's nature."