This script appears to be generated by a commercial script genertor. Normally in such cases, I'd recommend that you contact whoever sold you the thing and get them to fix it. But in this case, the code is so *incredibly bad* I can't recommend that you contact them. My real advice is to find a better script (perhpas the formmail replacement at NMS), or pay someone to write one. If you insist on using this script, you could just take out these lines:
@valid_ref = ('http://www.willettsbutchers.co.uk') ;
foreach $ref (@valid_ref) {
if ($ENV{'HTTP_REFERER'} =~ m/$ref/i) {$is_valid = 1 ; last ;}
}
if (! $is_valid) {
print "Content-type: text/html\n\nERROR - Invalid Referrer\n" ;
exit 0 ;
}
Those are the ones that give you the error and although a novice might think they offered some protection, they really don't. | [reply]
[d/l] |
thank you jZed you are turely a great monk you where right it now works cheers
| [reply] |
To help narrow down the problem, you could print the value of HTTP_REFERER whenever the error occurs.
print "Content-type: text/html\n\nERROR - Invalid Referrer: ".($ENV{HTTP_REFERER} || '(null string)')."\n"
Note, however that you can't count on HTTP_REFERER having a value, in fact it's often not sent by the client and is probably the cause of your problem. You also cannot trust it, as it is easily spoofed, so that alone doesn't protect your script from being exploited by spammers.
| [reply]
[d/l] |