I had thought the @db-referer URL in links.cfg would prevent any spam in Links2, but that is obviousely not the case as i am currently spammed with porn crap that is all hosted on a www.sexisp.com site.
they replied to my email and seem to be a "clean" porn webspace provider that are also just used by a hacker (or nutcase) who seems pretty good at his/her job.
The fake emails used for submissions are actual emails probably hacked or baught from a large database or so, 500 links poored in a day, each invidual, even after i took the "add.html" page completely off line and even after i installed a block on sexisp.com.
Right now i have deleted add.pl completely out of links and no submissions at all can come in but that is no solution.

Anyone a good tip on spam prevention in plain english (i am a beginner with all of this i'd say)
Rudolf

One suggestion use the add confirm instructions I gave here:

http://www.gossamer-threads.com/...w=collapsed&sb=5

Except instead of using:

# We are processing the form.
if (keys %in != 0) {
$in{'add'}? &process_form : &site_html_confirm_add;
}

Use:

if (keys %in != 0) {
if ($in{'add'} and ($ENV{'HTTP_REFERER'} ne "http://path/to/your/add.cgi")){
print "Error auto submission/spamming is not allowed!" and return;
}
else {
$in{'add'}? &process_form : &site_html_confirm_add;
}
}



Glenn

Links 2 Mods Site:
http://cgi-resource.co.uk/pages/links2mods.shtml

Also READ the following Thread (one below the one you ADDED!)

http://www.gossamer-threads.com/perl/forum/showflat.pl?Cat=&Board=L2Disc&Number=105547&page=0&view=collapsed&sb=5

Regards,

Eliot Lee

Thanks Glennu,

now i am not realy a cgi doctor at all
and i am a bit confused with the whole list of
things that have to be done and that (in your exchange with antrorules) you changed from the first posting of this confirmation addon.
Could i ask you to give me the working final script and to-do list so i can avoid making mistakes i myself couldn't understand or fix anymore later on?

Thanks if you have the time for that and i find your cgi-resources interesting enough to list it myself in my Search Engine @
http://www.useroo.f2s.com
Rudolf

Add this sub to site html templates.pl:

sub site_html_confirm_add {
# --------------------------------------------------------
# This routine is used to display what a comment/review should look
# like.

&html_print_headers;

my $num = 0;
foreach $var (%in){
$num++;
}

$formvals .=qq|<form action= "add.cgi" method="POST">|;

for ($i = 0; $i < ($num/2); $i++) {
(($name, $value) = each %in);
$details .=qq|<b>$name:</b>$value
|;
$formvals .=qq|<input type="hidden" name="$name" value="$value">|;
}

$formvals .=qq|<input type="submit" name="add" value="Confirm Details"></form>|;

print &load_template ('add_confirm.html', {
details => $details,
formvals => $formvals,
%in,
%globals
});
}

Create a template called add_confirm.html containing the following tags:

<%details%>
<%formvals%>



In add.cgi Replace:

# We are processing the form.
if (keys %in != 0) {
&process_form;
}

With:

if (keys %in != 0) {
if ($in{'add'} and ($ENV{'HTTP_REFERER'} ne "http://path/to/your/add.cgi")){
print "Error auto submission/spamming is not allowed!" and return;
}
else {
$in{'add'}? &process_form : &site_html_confirm_add;
}
}






Glenn

Links 2 Mods Site:
http://cgi-resource.co.uk/pages/links2mods.shtml

I did what you said here.
But once I fill out my add.html page - and press "send"
- I get this error returned
"Unkown Tag: ID"
-thru the url for the add.pl file.

Any Idea why?