Maybe you can make rate.cgi use the same security as add.cgi, that is, mod it to use db_refferer? You would need to change the error message to "The rate feature cannot be accessed directly. Please visit the site and click on 'rate'." or something like that... Try adding this:
# Check the referer.
if (@db_referers and $ENV{'HTTP_REFERER'}) {
$found = 0;
foreach (@db_referers) {
$ENV{'HTTP_REFERER'} =~ /$_/i and $found++ and last;
}
if (!$found) {
&site_html_add_failure ("Auto submission is not allowed in this directory. Please visit the site to add your entry.");
return;
}
}
under this in rate.cgi:
sub main {
# --------------------------------------------------------
local (%in) = &parse_form;
Let us know if it works...
PS-- FYI, everytime a browser has to go to the server for something, it counts as a hit, so if a page has the html code, and five pictures (gif, jpeg...) then one visit to that page counts as six 'hits'.
Leonard
aka PerlFlunkie
# Check the referer.
if (@db_referers and $ENV{'HTTP_REFERER'}) {
$found = 0;
foreach (@db_referers) {
$ENV{'HTTP_REFERER'} =~ /$_/i and $found++ and last;
}
if (!$found) {
&site_html_add_failure ("Auto submission is not allowed in this directory. Please visit the site to add your entry.");
return;
}
}
under this in rate.cgi:
sub main {
# --------------------------------------------------------
local (%in) = &parse_form;
Let us know if it works...
PS-- FYI, everytime a browser has to go to the server for something, it counts as a hit, so if a page has the html code, and five pictures (gif, jpeg...) then one visit to that page counts as six 'hits'.
Leonard
aka PerlFlunkie
