On Oct 14, 2004, at 11:39 AM, Terry Vogelaar wrote:
Hi,
I need to make a CGI that uses a user name and password to determine
what privileges the user has. But using the browser history, another
person that uses the computer after he has closed the session, can
resume it without having to know the password.
Normally with CGI, PHP or ASP there is an elegant solution to it by
using $HTTP_REFERER to check where the user comes from. It is also
very useful to find out which search engines and link pages are
actually used. But I can't find it in the list of web server globals
when using a RunRev CGI. Can it be made available in any way? Is there
an alternative way to be sure the user isn't using the bookmarks or
the history of his browser?
Terry
Terry,
I think apache sets this variable as a common shell variable during the
execution of the rev engine. So you can access it like any other shell
variable. Use the msgbox to inspect all the globals and you see the
syntax, try a put $HTTP_REFERER in the cgi. Anyway, do not put all your
trust on this, it can be faked
andre
___
use-revolution mailing list
[EMAIL PROTECTED]
http://lists.runrev.com/mailman/listinfo/use-revolution
--
Andre Alves Garzia 2004 BRAZIL
http://studio.soapdog.org
___
use-revolution mailing list
[EMAIL PROTECTED]
http://lists.runrev.com/mailman/listinfo/use-revolution