Is there any way to ensure that the script fails if run from another site. I could use the HTTP_REFERER var except that there is no guarantee it is defined.
Best I can figure is NO - but I'd like to be wrong.
Kaled.
@referers = ('www.example.com','example.com');
if ($ENV{'HTTP_REFERER'}) {
foreach $referer (@referers) {
if ($ENV{'HTTP_REFERER'} =~ m¦https?://([^/]*)$referer¦i) {
$check_referer = 1;
last;
}
}
} else {
$check_referer = 0;
}
I guess I could also check ip addresses and set a limit of, say 3 a day from the same IP address. Could be a problem with proxies though.
Thanks again,
Kaled.
It's also a problem for people accessing the script from shared IP's (ie. work, schools...) and for people on dynamic IPs.
Here's a modified version of the script snippet. It will send you back to a specific address and terminate the script if you don't come from the right domain. OTOH, if you come from the right domain it will just carry on with the rest of the script. Place it before the rest of the code.
---------------------------------
@referers = ('www.example.com','example.com');
$go_back_to = "http://www.example.com/some-page.htm";
if ($ENV{'HTTP_REFERER'}) {
foreach $referer (@referers) {
if ($ENV{'HTTP_REFERER'} =~ m¦http://([^/]*)$referer¦i) {
return;
last;
}
}
} else {
print "Location: $go_back_to\n\n";
exit;
}
---------------------------------
One of these days I'll learn to write a simple program. I thought I'd get it done in ~ 150 lines of code. I'm well on the way to 400. Nevermind, it's a good way to learn Perl I guess.
Kaled.
