I dont want people to be able to access any of the cgi files without being referred from my site, so at the top of each file I have replaced main(); with...

my ($found);
my @ref = ('.audio-grabber.com');
if (@ref) {
$found = 0;
if ($ENV{'HTTP_REFERER'}) {
foreach (@ref) { $ENV{'HTTP_REFERER'} =~ /\Q$_\E/i and $found++ and last; }
}
if (! $found) {
print "Content-type: text/html \n\n";
print "You cannot access this script because you have not been referred from Audio-Grabber.";
exit;
}
} else {
main();
}

When I try to access the cgi scripts through my browser if gives the correct error saying that they arent allowed to access the file, but when they click a link to the script from my website it gives an internal server error...why is this?


Thanks!

Paul Wilson.
(Dont blame me if I'm wrong!)

A 500 error is usually headers.

why can't you use the code in links:


PUGDOG®
PUGDOG® Enterprises, Inc.
FAQ: http://pugdog.com/FAQ

Hmmmmmm thats a good point....

I was originally creating the code for Links2 and then decided to change to SQL.

I want to stop all access to the cgi scripts though so wouldnt I have to use...

# Check the referer.
if (@{$CFG->{db_referers}}) {
$found = 0;
if ($ENV{'HTTP_REFERER'}) {
foreach (@{$CFG->{db_referers}}) { $ENV{'HTTP_REFERER'} =~ /\Q$_\E/i and $found++ and last; }
}
if (! $found) {
$category = _category_list();
return { error => Links::language('ADD_BADREFER', $ENV{'HTTP_REFERER'}), Category => $category };
}
}
else {
&main();
}


Paul Wilson.
(Dont blame me if I'm wrong!)

Pugdog....do you work for AT&T / IBM?

How did you get this email address....pugdog@ibm.net ?

Paul Wilson.
(Dont blame me if I'm wrong!)

No...

It's a legacy email address that is being phased out.

The "real" address is pugdog@attglobal.net

I'm going to miss this short one :(

PUGDOG®
PUGDOG® Enterprises, Inc.
FAQ: http://pugdog.com/FAQ

ohhhh I thought you owned AT&T or something.... :)

Paul Wilson.
(Dont blame me if I'm wrong!)