Snitz Forums 2000
Snitz Forums 2000
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
 Password:
Save Password
Forgot your Password?

 All Forums
 Community Forums
 Community Discussions (All other subjects)
 HTTP_REFERER and Looping		  New Topic  Topic Locked
 Printer Friendly
Next Page
Author Previous Topic Topic Next Topic
Page: of 5

GauravBhabu
Advanced Member

4288 Posts
Posted - 29 January 2003 :  15:14:23  Show Profile
<edited to correct field name>
<edited to update the code - 3/17/2003>


Several members have been reporting the problems related to HTTP_REFERER causing users visiting their sites being redirected to same page again and again. The reasons being some security softwares installed on their machines, which blocks the HTTP_REFERER or send some wrong information. Norton Anti Virus, Zone Alarm etc does this. Though there are settings for these software programs which can be changed by the users. However, many times users will not understand this problem and leave the site thinking the soite has problems. I encountered the same problem on my site when I tried to register from one of my computers.

To solve this problem I did the following:


inc_func_common.asp

Added the following function and procedure


function GetReferer()
    Dim strReferer
    strReferer = lcase(Request.ServerVariables("HTTP_REFERER"))
    if strReferer = "" then 
     strReferer = "default.asp"
    elseif (Left(strReferer, len(strForumURL)) <> lcase(strForumURL)) then
     strReferer = "default.asp"
    end if
    GetReferer = strReferer
end function

sub CheckReferer(strMatchReferer, strRedirectTo)
    dim strReferer
    strReferer = lcase(Request.ServerVariables("HTTP_REFERER"))
    if InStr(strReferer, lcase(strMatchReferer)) = 0 then
     if Instr(lcase(Request.Form("REFERER_PATH")), lcase(strMatchReferer)) = 0 then  
      Response.Redirect(strRedirectTo)
      Response.End
     end if
    end if
end sub



policy.asp

Modified Line 103 as shown below (in red) and added a new hidden field just below Line 103 highlighted in blue (strScriptname is defined and populated in inc_header.asp)
"<input name=""Refer"" type=""hidden"" value=""" & GetReferer() & """>" & vbNewLine & _
"<input name=""REFERER_PATH"" type=""hidden"" value=""" & strScriptName & """>" & vbNewLine & _


register.asp

Lines 73-75
Removed the following statements
if InStr(Request.ServerVariables("HTTP_REFERER"), "policy.asp") = 0 then
	Response.Redirect("policy.asp")
end if


And replaced the above statements with the following statement


Rem - Argument1 = Path to Match, Argument2 = Redirect Path
Call CheckReferer("policy.asp", "default.asp")


Seems to work fine. Will there be any problems with this approach, which might have skipped my attetion?

Comments Please!
Edited by - GauravBhabu on 17 March 2003 21:40:26

pweighill
Junior Member

United Kingdom
453 Posts
Posted - 29 January 2003 :  15:40:35  Show Profile
The forum might not have been installed into "/forum/" so you should try not to reference it explicitly in the code.

The path can be calculated from the Request.ServerVariables("SCRIPT_NAME") variable.
Go to Top of Page

GauravBhabu
Advanced Member

4288 Posts
Posted - 29 January 2003 :  15:53:44  Show Profile
that is what I did for my forum. A general approach might be this:

<Edited: The code which I am using at my forums is posted in the first post. Removed the code from here to avoid confusion>
Edited by - GauravBhabu on 17 March 2003 21:42:47
Go to Top of Page

pweighill
Junior Member

United Kingdom
453 Posts
Posted - 29 January 2003 :  16:16:48  Show Profile
Just a few suggested changes, removed variables from first function and made the second function case insesitive

function GetReferer()
    if Request.ServerVariables("HTTP_REFERER") = "" then 
       GetReferer = "default.asp"
    else
       GetReferer = Request.ServerVariables("HTTP_REFERER")
    end if
end function

sub CheckReferer(strMatchReferer, strRedirectTo)
    if InStr(lcase(Request.ServerVariables("HTTP_REFERER")), lcase(strMatchReferer)) = 0 then
     if Instr(lcase(Request.Form("REFERER_PATH")), lcase(strMatchReferer)) = 0 then  
      Response.Redirect(strRedirectTo)
      Response.End
     end if
    end if
end sub
Edited by - pweighill on 29 January 2003 16:17:49
Go to Top of Page

GauravBhabu
Advanced Member

4288 Posts
Posted - 29 January 2003 :  16:25:52  Show Profile
quote:
Originally posted by pweighill

Just a few suggested changes, removed variables from first function and made the second function case insesitive


I prefer to use variables for future changes where the same values might be used repeatedly. Making it case insenstive is a good approach.
Go to Top of Page

GauravBhabu
Advanced Member

4288 Posts
Posted - 29 January 2003 :  16:42:12  Show Profile
I have seen some posts where it was mentioned that HTTP_REFERER returned some strange values. For that situation I modified the function GetReferer. Also applied the changes suggested by pweighill

<Edited: Posted the updated code in First Post. Removed from here to avoid confusion.>
Edited by - GauravBhabu on 17 March 2003 21:33:13
Go to Top of Page

TestMagic
Senior Member

USA
1568 Posts
Posted - 26 February 2003 :  19:02:01  Show Profile  Visit TestMagic's Homepage
GauravBhabu, is this working for you? I just tried to register at your site, but getting the There has been a Problem. message.
Snitz rocks! · Search 2
Go to Top of Page

GauravBhabu
Advanced Member

4288 Posts
Posted - 17 March 2003 :  07:31:12  Show Profile
You might have missed filling all the required fields. At what point during registration you get this message?
Go to Top of Page

TestMagic
Senior Member

USA
1568 Posts
Posted - 17 March 2003 :  15:02:07  Show Profile  Visit TestMagic's Homepage
Sorry, I should have been clearer: when I click "agree" on policy.asp, I go to an error page that tells me I need to read the agreement (BTW, I saw a typo in your menu tree: "Registeration Form")

Just tried it again, same thing. Of course, I could try disabling my NIS firewall to register, but that would defeat the purpose, right?
Snitz rocks! · Search 2
Edited by - TestMagic on 17 March 2003 15:46:31
Go to Top of Page

GauravBhabu
Advanced Member

4288 Posts
Posted - 17 March 2003 :  20:11:39  Show Profile
What link you used for my forums? Try here
CSS and HTML4.01 Compilant Snitz Forum . ForumSquare . Rakesh Jain

It is difficult to IMPROVE on Perfection, There is no harm in Keep Trying.

Prayer Of Forgiveness
"I forgive all living beings. May all living beings forgive me!
I cherish the friendliness towards all and harbour enmity towards none." -- Aavashyaka Sutra(Translated)
Go to Top of Page

TestMagic
Senior Member

USA
1568 Posts
Posted - 17 March 2003 :  21:01:55  Show Profile  Visit TestMagic's Homepage
Ah! Got it! I was using your forumsquare link (that's you, right?).

But I couldn't register with this nick (no "test" allowed), so I had to use a different nick.
Snitz rocks! · Search 2
Go to Top of Page

GauravBhabu
Advanced Member

4288 Posts
Posted - 17 March 2003 :  21:07:26  Show Profile
Forumsquare is also mine but I have not upgraded to current version yet.

So you were able to register without disabling firewalls etc. Correct?
Go to Top of Page

TestMagic
Senior Member

USA
1568 Posts
Posted - 17 March 2003 :  21:12:45  Show Profile  Visit TestMagic's Homepage
Yes, correct. Everything went well, even though my Norton IS firewall was enabled.
Snitz rocks! · Search 2
Go to Top of Page

GauravBhabu
Advanced Member

4288 Posts
Posted - 17 March 2003 :  21:44:41  Show Profile
Updated the Code posted in first post with correction discussed in this thread.
Go to Top of Page

numbernine
Starting Member

3 Posts
Posted - 19 March 2003 :  12:21:35  Show Profile  Visit numbernine's Homepage  Send numbernine an AOL message  Send numbernine an ICQ Message  Send numbernine a Yahoo! Message
Thank you GauravBhabu, your good work has saved me much time and aggravation.
Go to Top of Page

Glitch
Starting Member

Netherlands
8 Posts
Posted - 27 March 2003 :  16:59:43  Show Profile  Visit Glitch's Homepage
First of all... i like what you guys created here, very nice!

I'm a starting member with programming knowledge next to none and just starting of with Snitz. I've downloaded a completely modified forum (the one from serverhacker) and installed it on my localhost with IIS5 on my WinXP machine, just to learn more about Snitz before starting up a real forum.

I stumbled upon the above problem since i have Zone Alarm pro installed. I already had privacy control disabled but i still couldnt log on an kept being redirected. I was glad to find this solution but after follow the directions of GauravBhabu i still couldt log on without having to disable ZA pro. Where did i go wrong?

I pasted the function and procedure into inc_func_common.asp
I replaced the Request.ServerVariables("HTTP_REFERER") with GetRefer() in policy.asp and pasted this line "<input name=""REFERER_PATH"" type=""hidden"" value=""" & strScriptName & """>" & vbNewLine & _ under it.
And at last i replaced:
if InStr(Request.ServerVariables("HTTP_REFERER"), "policy.asp") = 0 then Response.Redirect("policy.asp")
end if

with

Rem - Argument1 = Path to Match, Argument2 = Redirect Path
Call CheckReferer("policy.asp", "default.asp")

Could someone please help this rookie here?

thanx in advance
Go to Top of Page
Page: of 5 Previous Topic Topic Next Topic  
Next Page
 New Topic  Topic Locked
 Printer Friendly
Jump To:
Snitz Forums 2000 © 2000-2021 Snitz™ Communications Go To Top Of Page
This page was generated in 0.3 seconds. Powered By: Snitz Forums 2000 Version 3.4.07