Hi:

Been thinking about security recently, and thought I would toughen things up on my site. So I wrote a quick little $ENV(HTTP_REFERER} check as a subroutine, and add a call to it where needed, anytime a user has input (Like reviews, bad link reports, etc.).

As I added it to add.cgi, I noticed a GT version of this same subroutine, with a call to 'db_referers' in config. Cool!

OK, here is my question... HOW do I put the OK referers in there.... like this:

"www.bcdb.com" , "www.cartoondb.com" , "www.cartoon-db.com"

or like this:

www.bcdb.com, www.cartoondb.com, www.cartoon-db.com


(This ALWAYS confuses me. )

Thanks!

dave

I just found something else hiding in config: 'db_rate_expire'

I ASSUME this is how long to hold an IP in Rate Tracking, so someone cannot just clobber the ratings... and I assume that 2 there means days. Right?

Any other gems hiding in there? Is there a documenation on these hidden beauties I missed somewhere?

Dave

Hi,

No quotes:

www.bcdb.com,www.cartoondb.com,www.cartoon-db.com

would be perfect.

Cheers,

Alex

--
Gossamer Threads Inc.

Hi,

Actually, that gem isn't used. =) It's in nph-build, sub build_reset_hits:

my $delete_by = GT::Date::date_get ( time() - 172800 ); # 2 days old

It's hard coded in at 2 days.

Cheers,

Alex

--
Gossamer Threads Inc.

Alex:

Thanks for straightening me out!

dave

Alex:

not to be criticaL ;)

BUT THE "my $delete_by ..." expression is in Links:Build...

at least in 2.04 (or, at least my current install, which should be 2.04!)

I only mention it in case anyone else is looking!

dave