VB icon

Site Post Check

Email
Submitted on: 1/6/2015 12:22:00 AM
By: Lewis E. Moten III (from psc cd)  
Level: Advanced
User Rating: By 4 Users
Compatibility: ASP (Active Server Pages)
Views: 776
 
     Checks the HTTP Referer header to ensure people are not posting from other websites. You can include this file if you use templates on your website, or just include it on the pages that receive form data posts. Warning - someone who knows there stuff can get around this by modifying there HOST file. this isn't 100% fool proof, but it may deter most from posting data from other websites.
 
code:
Can't Copy and Paste this?
Click here for a copy-and-paste friendly version of this code!
				
'**************************************
' Name: Site Post Check
' Description:Checks the HTTP Referer header to ensure people are not posting from other websites. You can include this file if you use templates on your website, or just include it on the pages that receive form data posts.
Warning - someone who knows there stuff can get around this by modifying there HOST file. this isn't 100% fool proof, but it may deter most from posting data from other websites.
' By: Lewis E. Moten III (from psc cd)
'**************************************

<%
Call SitePostCheck()
Sub SitePostCheck()
	Dim lblnPost		' user posted data to page?
	Dim lstrReferer		' page user is comming from
	Dim lstrHost		' server user is on
	lblnPost = Request.ServerVariables("REQUEST_METHOD") = "POST"
	' if data wasn't posted, everythign is ok
	If Not lblnPost Then Exit Sub
	lstrReferer = Request.ServerVariables("HTTP_REFERER")
	lstrHost = Request.ServerVariables("HTTP_HOST")
	' If user is posting from antoher website
	If InStr(1, lstrReferer, "//" & lstrHost & "/", vbTextCompare) = 0 Then
		%>
		<H1><FONT color="red">Security Alert</FONT></H1>
		
		<P>
			The security of this web site does not allow you to post
			data from other websites.
		</P>
		
		<%
		Response.End
		
	End If
End Sub
%>


Other 63 submission(s) by this author

 


Report Bad Submission
Use this form to tell us if this entry should be deleted (i.e contains no code, is a virus, etc.).
This submission should be removed because:

Your Vote

What do you think of this code (in the Advanced category)?
(The code with your highest vote will win this month's coding contest!)
Excellent  Good  Average  Below Average  Poor (See voting log ...)
 

Other User Comments


 There are no comments on this submission.
 

Add Your Feedback
Your feedback will be posted below and an email sent to the author. Please remember that the author was kind enough to share this with you, so any criticisms must be stated politely, or they will be deleted. (For feedback not related to this particular code, please click here instead.)
 

To post feedback, first please login.