need script (check referrer)

I need to modify my already functional perl scripts to only be executed when they are being referred by a specific web page.  The scripts are being called directly from a frameset called "frameset.html" and each perl script is being executed in its own frame.  If the referring page is invalid (referring page isn't "frameset.html"), a new window will open with the page "NotAuthorized.html".  This is how I need to format the perl script:

1) Check referring page (frameset.html)

2) IF referring page is OK, THEN
    --some other perl stuff--
    print "content-type: text/html\n\n";
    print "<html><body>Blah..Blah..Blah</body></html>";

3) ELSE, If referring page is NOT OK,
    print "content-type: text/html\n\n";
    print "{script to open new window with NotAuthorized.html}"; (**this I CAN do**)

4) exit;

My final question concerning this script is..will the user have to have 'cookies' enabled for the script to work since it will be verifying the referring page?

I'm not too good at perl, so if I could get a fully funcional script (except for the stuff I can already do) and maybe a little explanation, I would be very appreciative.  Thanks!

Tim
     
LVL 1
GorGor1Asked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
guadalupeConnect With a Mentor Commented:
$referer_path = "http://yourdomain.com.ar/your_dir/referer.htm";

if ($ENV{HTTP_REFERER} eq $referer_path)
{
    #SHOW PAGE
}

{
    #SHOW Denied Message
}

0
 
guadalupeCommented:
$referer_path = "http://yourdomain.com.ar/your_dir/referer.htm";

if ($ENV{HTTP_REFERER} eq $referer_path)
{
    #SHOW PAGE
}
else
{
    #SHOW Denied Message
}

0
 
GorGor1Author Commented:
Sorry, really dumb question...Does the 'ar' in 'yourdomain.com.ar' need to be included in the script even if my domain is 'yourdomain.com'?
0
Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

 
GorGor1Author Commented:
and also, does this script's proper functionality depend on the user's cookies being enabled? (i wouldn't think so)
0
 
guadalupeCommented:
NO!  Sorry that was left over from a copy paste.  Yo should set the $referer_path to the actual path of the page doing the calling to the script...  THAT MEANS the page of the frameset that is the form not the frameset page!!!!!!!!
0
 
guadalupeCommented:
No cookies dond have to be enables....

and come to think of it $referer_path should really be called $referer_url or somthing like that just for neatness sake...
0
 
GorGor1Author Commented:
"THAT MEANS the page of the frameset that is the form not the frameset page!!!!!!!!"

Ok, I have a page "frameset.html" that has the code:

<frameset cols="50%,*">
   <frame name="frame1" src="perlscript.pl">
   <frame name="frame2" src="page.html">
</frameset>

What should the referring page be?  "frameset.html"?  Thanks again.

0
 
guadalupeCommented:
Ok maybe I got confused... if perlscript.pl is the one which does the HTTP_Referer check then the $referer_path should be frameset.html (Of course with the full URL - http://....)

Other wise I'm not sure and you'll have to explain a little more the exact flow...
0
 
GorGor1Author Commented:
Thanks, i'll give it a try a little later and let you know...but I'm sure it will work  :o)
0
 
jhurstCommented:
http_referer is not set by all browsers.  It will usually work.

0
 
GorGor1Author Commented:
Thanks!  It works great!  I'll just let users know that if they have problems, they'll have to upgrade their browsers.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.