Hi all,
I'm adding in a check referer function similar to one I found in the Links 2.0 forum and I'm running into a problem I can't find any reference to in this forum. I found the reference to checking referers to prevent spamming the directory by denying certain referers, but I want to do the opposite and make sure some of my scripts are only called by visitors already at my site to prevent auto submissions and other things that should never be called directly from anywhere but my site.
The error message I'm getting in the log is this:
malformed header from script. Bad header=<html>: /www/cgi-bin/jump.cgi
so I know I'm somehow missing the print header statement and I may even be going about this wrong way.
The code I have changed to get this to work is the following..
- redirect.cgi
after
use Links::DBSQL;
add
use Links::HTML_Templates;
after
my ($db, $id, $sth, $total, $rec, $offset, $goto, $track, $update);
add
# First make sure it's coming from our site
&check_referer;
- in HTML_Templates.pm
in
@EXPORT
add
&check_referer
after this section
%GLOBALS = (
add
sub check_referer {
# --------------------------------------------------------
# Check for valid referer
#
if (@{$LINKS{db_referers}}) {
my $found = 0;
foreach (@{$LINKS{db_referers}}) {
$ENV{'HTTP_REFERER'} =~ /$_/i and $found++ and last;
}
if (!$found) {
&site_html_error ( { error => "Error message here..." }, my $dynamic);
return;
}
}
}
- Links.pm
edit this line to add accepted referers
$LINKS{db_referers} = [];
If I go to a link from my site, it works fine, however, when I try to type in a url directly so there will be no referer, then I get the error message above.
Anyone have any idea what I missed?
Jerry
I'm adding in a check referer function similar to one I found in the Links 2.0 forum and I'm running into a problem I can't find any reference to in this forum. I found the reference to checking referers to prevent spamming the directory by denying certain referers, but I want to do the opposite and make sure some of my scripts are only called by visitors already at my site to prevent auto submissions and other things that should never be called directly from anywhere but my site.
The error message I'm getting in the log is this:
malformed header from script. Bad header=<html>: /www/cgi-bin/jump.cgi
so I know I'm somehow missing the print header statement and I may even be going about this wrong way.
The code I have changed to get this to work is the following..
- redirect.cgi
after
use Links::DBSQL;
add
use Links::HTML_Templates;
after
my ($db, $id, $sth, $total, $rec, $offset, $goto, $track, $update);
add
# First make sure it's coming from our site
&check_referer;
- in HTML_Templates.pm
in
@EXPORT
add
&check_referer
after this section
%GLOBALS = (
add
sub check_referer {
# --------------------------------------------------------
# Check for valid referer
#
if (@{$LINKS{db_referers}}) {
my $found = 0;
foreach (@{$LINKS{db_referers}}) {
$ENV{'HTTP_REFERER'} =~ /$_/i and $found++ and last;
}
if (!$found) {
&site_html_error ( { error => "Error message here..." }, my $dynamic);
return;
}
}
}
- Links.pm
edit this line to add accepted referers
$LINKS{db_referers} = [];
If I go to a link from my site, it works fine, however, when I try to type in a url directly so there will be no referer, then I get the error message above.
Anyone have any idea what I missed?
Jerry