I have a simple question. Is $_SERVER['REQUEST_URI'] sent by the client's browser, or by the server? I am pretty sure based on PHP docs that it is defined by the server.

My second question is, would $_SERVER['REQUEST_URI'] return the same thing for both of the following?

http://mysite.com/index.php?skjwlfjw
http://mysite.com/index.php

Essentially, I am asking whether or not the query string makes a difference.

The reason is because I need to know if this is an ok solution for an authorization check to a webpage. Would something like the following be secure?

PHP Code:
if($_SERVER['REQUEST_URI'] != $allowed_uri){
exit;
}

// page content 

Thanks in advance.