| Author |
 Topic  |
|
GauravBhabu
Advanced Member
4288 Posts |
 Posted - 29 January 2003 : 15:14:23
|
<edited to correct field name>
<edited to update the code - 3/17/2003>
Several members have been reporting the problems related to HTTP_REFERER causing users visiting their sites being redirected to same page again and again. The reasons being some security softwares installed on their machines, which blocks the HTTP_REFERER or send some wrong information. Norton Anti Virus, Zone Alarm etc does this. Though there are settings for these software programs which can be changed by the users. However, many times users will not understand this problem and leave the site thinking the soite has problems. I encountered the same problem on my site when I tried to register from one of my computers.
To solve this problem I did the following:
inc_func_common.asp
Added the following function and procedure
function GetReferer()
Dim strReferer
strReferer = lcase(Request.ServerVariables("HTTP_REFERER"))
if strReferer = "" then
strReferer = "default.asp"
elseif (Left(strReferer, len(strForumURL)) <> lcase(strForumURL)) then
strReferer = "default.asp"
end if
GetReferer = strReferer
end function
sub CheckReferer(strMatchReferer, strRedirectTo)
dim strReferer
strReferer = lcase(Request.ServerVariables("HTTP_REFERER"))
if InStr(strReferer, lcase(strMatchReferer)) = 0 then
if Instr(lcase(Request.Form("REFERER_PATH")), lcase(strMatchReferer)) = 0 then
Response.Redirect(strRedirectTo)
Response.End
end if
end if
end sub
policy.asp
Modified Line 103 as shown below (in red) and added a new hidden field just below Line 103 highlighted in blue (strScriptname is defined and populated in inc_header.asp)
"<input name=""Refer"" type=""hidden"" value=""" & GetReferer() & """>" & vbNewLine & _
"<input name=""REFERER_PATH"" type=""hidden"" value=""" & strScriptName & """>" & vbNewLine & _
register.asp
Lines 73-75
Removed the following statements
if InStr(Request.ServerVariables("HTTP_REFERER"), "policy.asp") = 0 then
Response.Redirect("policy.asp")
end if
And replaced the above statements with the following statement
Rem - Argument1 = Path to Match, Argument2 = Redirect Path
Call CheckReferer("policy.asp", "default.asp")
Seems to work fine. Will there be any problems with this approach, which might have skipped my attetion?
Comments Please!
|
Edited by - GauravBhabu on 17 March 2003 21:40:26 |
|
|
pweighill
Junior Member
United Kingdom
453 Posts |
Posted - 29 January 2003 : 15:40:35
|
The forum might not have been installed into "/forum/" so you should try not to reference it explicitly in the code.
The path can be calculated from the Request.ServerVariables("SCRIPT_NAME") variable.
|
 |
|
|
GauravBhabu
Advanced Member
4288 Posts |
Posted - 29 January 2003 : 15:53:44
|
that is what I did for my forum. A general approach might be this:
<Edited: The code which I am using at my forums is posted in the first post. Removed the code from here to avoid confusion>
|
Edited by - GauravBhabu on 17 March 2003 21:42:47 |
|
|
|
pweighill
Junior Member
United Kingdom
453 Posts |
Posted - 29 January 2003 : 16:16:48
|
Just a few suggested changes, removed variables from first function and made the second function case insesitive
function GetReferer()
if Request.ServerVariables("HTTP_REFERER") = "" then
GetReferer = "default.asp"
else
GetReferer = Request.ServerVariables("HTTP_REFERER")
end if
end function
sub CheckReferer(strMatchReferer, strRedirectTo)
if InStr(lcase(Request.ServerVariables("HTTP_REFERER")), lcase(strMatchReferer)) = 0 then
if Instr(lcase(Request.Form("REFERER_PATH")), lcase(strMatchReferer)) = 0 then
Response.Redirect(strRedirectTo)
Response.End
end if
end if
end sub |
Edited by - pweighill on 29 January 2003 16:17:49 |
|
|
|
GauravBhabu
Advanced Member
4288 Posts |
Posted - 29 January 2003 : 16:25:52
|
quote:
Originally posted by pweighill
Just a few suggested changes, removed variables from first function and made the second function case insesitive
I prefer to use variables for future changes where the same values might be used repeatedly. Making it case insenstive is a good approach. |
|
|
|
GauravBhabu
Advanced Member
4288 Posts |
Posted - 29 January 2003 : 16:42:12
|
I have seen some posts where it was mentioned that HTTP_REFERER returned some strange values. For that situation I modified the function GetReferer. Also applied the changes suggested by pweighill
<Edited: Posted the updated code in First Post. Removed from here to avoid confusion.> |
Edited by - GauravBhabu on 17 March 2003 21:33:13 |
|
|
|
TestMagic
Senior Member
USA
1568 Posts |
Posted - 26 February 2003 : 19:02:01
|
| GauravBhabu, is this working for you? I just tried to register at your site, but getting the There has been a Problem. message. |
Snitz rocks! · Search 2 |
|
|
|
GauravBhabu
Advanced Member
4288 Posts |
Posted - 17 March 2003 : 07:31:12
|
| You might have missed filling all the required fields. At what point during registration you get this message? |
|
|
|
TestMagic
Senior Member
USA
1568 Posts |
Posted - 17 March 2003 : 15:02:07
|
Sorry, I should have been clearer: when I click "agree" on policy.asp, I go to an error page that tells me I need to read the agreement (BTW, I saw a typo in your menu tree: "Registeration Form")
Just tried it again, same thing. Of course, I could try disabling my NIS firewall to register, but that would defeat the purpose, right? |
Snitz rocks! · Search 2 |
Edited by - TestMagic on 17 March 2003 15:46:31 |
|
|
|
GauravBhabu
Advanced Member
4288 Posts |
Posted - 17 March 2003 : 20:11:39
|
| What link you used for my forums? Try here |
CSS and HTML4.01 Compilant Snitz Forum . ForumSquare . Rakesh Jain
It is difficult to IMPROVE on Perfection, There is no harm in Keep Trying.
Prayer Of Forgiveness "I forgive all living beings. May all living beings forgive me!
I cherish the friendliness towards all and harbour enmity towards none." -- Aavashyaka Sutra(Translated) |
|
|
|
TestMagic
Senior Member
USA
1568 Posts |
Posted - 17 March 2003 : 21:01:55
|
Ah! Got it! I was using your forumsquare link (that's you, right?).
But I couldn't register with this nick (no "test" allowed), so I had to use a different nick. |
Snitz rocks! · Search 2 |
|
|
|
GauravBhabu
Advanced Member
4288 Posts |
Posted - 17 March 2003 : 21:07:26
|
Forumsquare is also mine but I have not upgraded to current version yet.
So you were able to register without disabling firewalls etc. Correct? |
|
|
|
TestMagic
Senior Member
USA
1568 Posts |
Posted - 17 March 2003 : 21:12:45
|
| Yes, correct. Everything went well, even though my Norton IS firewall was enabled. |
Snitz rocks! · Search 2 |
|
|
|
GauravBhabu
Advanced Member
4288 Posts |
Posted - 17 March 2003 : 21:44:41
|
| Updated the Code posted in first post with correction discussed in this thread. |
|
|
|
numbernine
Starting Member
3 Posts |
Posted - 19 March 2003 : 12:21:35
|
| Thank you GauravBhabu, your good work has saved me much time and aggravation. |
|
|
|
Glitch
Starting Member
Netherlands
8 Posts |
Posted - 27 March 2003 : 16:59:43
|
First of all... i like what you guys created here, very nice!
I'm a starting member with programming knowledge next to none  and just starting of with Snitz. I've downloaded a completely modified forum (the one from serverhacker) and installed it on my localhost with IIS5 on my WinXP machine, just to learn more about Snitz before starting up a real forum.
I stumbled upon the above problem since i have Zone Alarm pro installed. I already had privacy control disabled but i still couldnt log on an kept being redirected. I was glad to find this solution but after follow the directions of GauravBhabu i still couldt log on without having to disable ZA pro. Where did i go wrong?
I pasted the function and procedure into inc_func_common.asp
I replaced the Request.ServerVariables("HTTP_REFERER") with GetRefer() in policy.asp and pasted this line "<input name=""REFERER_PATH"" type=""hidden"" value=""" & strScriptName & """>" & vbNewLine & _ under it.
And at last i replaced:
if InStr(Request.ServerVariables("HTTP_REFERER"), "policy.asp") = 0 then Response.Redirect("policy.asp")
end if
with
Rem - Argument1 = Path to Match, Argument2 = Redirect Path
Call CheckReferer("policy.asp", "default.asp")
Could someone please help this rookie here?
thanx in advance |
 |
|
|
|
Topic |
|
Topic Locked
