Gossamer Forum
Home : Products : Gossamer Links : Version 1.x :

How to make a refferdomain security in page.cgi ?

Quote Reply
How to make a refferdomain security in page.cgi ?
Hello all,

I wanna make a refferdomain security in dynamic mode, so that only 1 domain can use a specific template.

I try to explain:

Let say linkssql is on www.domeinmain.com and i have a template called secured.

We have a second domein called www.seconddomain.com.

We have the following url on www.seconddomain.com :
http://www.domeinmain.com/cgi-bin/page.cgi?g=&t=secured&d=1

The template secured may only be displayed when the reffer domain is www.seconddomain.com so this will display if it's in the refferlist.

Then we have a url on www.fivemain.com (or some other domain that's not on the refferlist):
http://www.domeinmain.com/cgi-bin/page.cgi?g=&t=secured&d=1 but this 1 will not be displayed because it's not on the refferdomainlist.

I hope you see what i mean?

So i wanna make a reffer list like:
template: secured refferdomain: domain1,domain2
closed refferdomain: domain 3,domain4

This have to be modified in the page.cgi i quess, i tried something (del *.* Smile) but i can't figure it out.

I hope you can help me.

Allready thanks.

Regard Startpoint.


Quote Reply
Re: How to make a refferdomain security in page.cgi ? In reply to
One suggestion is to look at the HTTP REFERER codes used in the other .cgi scripts. You could port those codes into page.cgi using conditional statements with the t parameter.

Example::

Code:

if ($ENV{'HTTP_REFERER'} eq 'value') {
$t = 'value';
}
else {
$t = 'value';
}


Regards,

Eliot Lee

Quote Reply
Re: How to make a refferdomain security in page.cgi ? In reply to
Thanks AnthroRules for your reply.

I must be sleeping because i have about 1000 scripts with http referer in it. Why do i think that
sqllinks isn't a 'standard' script where you can port code easily ? Smile

Regards Startpoint.

Quote Reply
Re: How to make a refferdomain security in page.cgi ? In reply to
Probably because you are getting tripped up with the SQL portion of the script, which is only used in the DBSQL.pm. The cgi scripts use Perl, so don't worry. The only difference between regular Perl scripts and using strict Perl is that you need to identify variables as GLOBAL using my $variable.

Regards,

Eliot Lee

Quote Reply
Re: How to make a refferdomain security in page.cgi ? In reply to
In Reply To:
Probably because you are getting tripped up with the SQL portion of the script, which is only used in the DBSQL.pm.
You got that right. Now that i am working on the script about 20 hours Smile a day the last 2 week i am learning it day by day.

In Reply To:
identify variables as GLOBAL using my $variable.
Ok thanks.

Regards Startpoint.

Quote Reply
Re: How to make a refferdomain security in page.cgi ? In reply to
Hello all,

Maybe i have the reffercode to add in page.cgi. But i don't know if it works without problems Smile.
Code:
replace:
my $in = new CGI;
my $page = $in->param('g');
Code:
with:

# *** Extra routine reffercheck
my @your_server = ("yourdomainnameallow1.com","yourdomainnameallow1.com");
my $good_ref = '';
my $errorrefferpage = "yourpagetodisplayifnotallowed.html";

my $in = new CGI;
my $page = $in->param('g');

if ($ENV{'HTTP_REFERER'}) {
foreach (@your_server) {
if ($ENV{'HTTP_REFERER'} =~ /$_/i) {
$good_ref=1;
}
}
}
else { $good_ref=0; }

unless ($good_ref) {
print "Location: $errorrefferpage\n\n";
exit;
}
# end reffercheck.
So maybe a perl pro expert can give comments on this because i am still learning :)...
Like: maybe it's better to make a subroutine for it ?

Well i seem to work for me.

Regards startpoint.