Nick Han
>>> [EMAIL PROTECTED] 02/27/04 12:09PM >>>
I want to protect action pages from unauthorized forms that are not on the
same server, namely spammers. I wrote this simple script that will work in
conjunction with my other form validation scripts to ensure a referrer comes
from the same CGI.HTTP_HOST.
<cftry>
<cfscript>
message = "";
errors = 0;
if ( NOT FindNoCase(CGI.HTTP_HOST,CGI.HTTP_REFERER) ) {
message = "You cannot access this page";
errors = 1;
}
</cfscript>
<cfif errors EQ 1 >
<cfthrow message="#message#" type="goBack">
</cfif>
<cfcatch type="Any">
<cfoutput>
<h3>#message#</h3>
</cfoutput>
</cfcatch>
</cftry>
Does anyone see any holes that I should address, or is there a better
solution?
Thank you,
Aftershock Web Design, Inc.
by: Stan Winchester
President/Developer
[EMAIL PROTECTED]
http://www.aftershockweb.com/
Tel. 503-244-3440
Fax 503-244-3454
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]