| Bill Jonas on Wed, 15 May 2002 10:05:57 -0400 |
|
On Wed, May 15, 2002 at 01:41:05PM +0000, Andre McDowall wrote: > Thank you for responding to my request. I downloaded this script from > cgi-resources.com. I'm new to perl so I am somewhat lost. I tried to remove > this section of the sript, and it DID allow all users to access the email > form, but it continued to send emails without stopping. Any idea of how I > can get rid of this section of the script and still have it perform as it > should (ie: only send one email). Thanks! Change the pages that point to it to use a CGI GET request; something like: http://server/emailthispage.cgi?page=/path/to/page.html Then change the script so that instead of "if (!$ENV{'HTTP_REFERER'})" to "if (!$cgi->param('page'))". Better yet, change the error message from "Permission denied" to "We're sorry, but we couldn't determine you wanted to send. Please go back and click on the 'Email this page'" on the page you wish to send" to make the error message a little friendlier. You may also wish to check to ensure that the page they're sending is on your own server: "if ($cgi->param('page') =~ m|^http://!) { ... print "Sorry, but we will only mail pages that are on our own server.\n"; }". You'll probably want to ensure that the file actually exists before you try to mail it: "unless (-f $DOCUMENT_ROOT/$page) ...". -- Bill Jonas * bill@billjonas.com * http://www.billjonas.com/ "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -- Benjamin Franklin Attachment:
pgpl7ENahx4ma.pgp
|
|