Site Post Check

Posted: 2002-06-01
By: ArchiveBot
Viewed: 64

Filed Under:

No attachments for this post

Checks the HTTP Referer header to ensure people are not posting from other websites. You can include this file if you use templates on your website, or just include it on the pages that receive form data posts.
Warning - someone who knows there stuff can get around this by modifying there HOST file. this isn't 100% fool proof, but it may deter most from posting data from other websites.

Original Author: Lewis E. Moten III

Code

<% Call SitePostCheck() Sub SitePostCheck() Dim lblnPost ' user posted data to page? Dim lstrReferer ' page user is comming from Dim lstrHost ' server user is on lblnPost = Request.ServerVariables("REQUEST_METHOD") = "POST" ' if data wasn't posted, everythign is ok If Not lblnPost Then Exit Sub lstrReferer = Request.ServerVariables("HTTP_REFERER") lstrHost = Request.ServerVariables("HTTP_HOST") ' If user is posting from antoher website If InStr(1, lstrReferer, "//" & lstrHost & "/", vbTextCompare) = 0 Then %>

`Security Alert`


		
		
			The security of this web site does not allow you to post
			data from other websites.
		

		
		<%
		Response.End
		
	End If
End Sub
%>

Comments on this post

No comments have been added for this post.

You must be logged in to make a comment.