Search Tools Links Login

Site Post Check


Checks the HTTP Referer header to ensure people are not posting from other websites. You can include this file if you use templates on your website, or just include it on the pages that receive form data posts.
Warning - someone who knows there stuff can get around this by modifying there HOST file. this isn't 100% fool proof, but it may deter most from posting data from other websites.

Original Author: Lewis E. Moten III

Code

<%
Call SitePostCheck()
Sub SitePostCheck()
Dim lblnPost ' user posted data to page?
Dim lstrReferer ' page user is comming from
Dim lstrHost ' server user is on
lblnPost = Request.ServerVariables("REQUEST_METHOD") = "POST"
' if data wasn't posted, everythign is ok
If Not lblnPost Then Exit Sub
lstrReferer = Request.ServerVariables("HTTP_REFERER")
lstrHost = Request.ServerVariables("HTTP_HOST")
' If user is posting from antoher website
If InStr(1, lstrReferer, "//" & lstrHost & "/", vbTextCompare) = 0 Then
%>

Security Alert




The security of this web site does not allow you to post
data from other websites.



<%
Response.End

End If
End Sub
%>

About this post

Posted: 2002-06-01
By: ArchiveBot
Viewed: 93 times

Categories

ASP/ HTML

Attachments

No attachments for this post


Loading Comments ...

Comments

No comments have been added for this post.

You must be logged in to make a comment.