in reply to AuthorizedDomain script?

Well, let me point out some of the many problems with that script.

  1. There is no use strict;
  2. There is no use warnings;
  3. The reserved words my and unless are in ALL CAPS
  4. The functions lc and s/// are in ALL CAPS
  5. There is a bareword (HTTP_REFERER)
  6. The regex has some unnecessary grouping parentheses
  7. The function ErrorHTML is not defined

Let me re-write it using some Perl Best Practices: 

use strict;
use warnings;

# Just the domain name, no "www."
my $AuthorizedDomain = lc 'example.com';
my $FormDomain       = lc $ENV{'HTTP_REFERER'};
$FormDomain =~ s{
                    \A
                    https?://    # Strip off the protocol
                    (?:www\.)?   # Strip off any "www."
                    (.*?)        # Grab everything before...
                    /            # The first slash
                    .*           # And delete the rest
                    \Z
                }
                {
                    $1
                }msx;

if ($FormDomain ne $AuthorizedDomain) {
    ErrorHTML('Unauthorized access.');
}

[download]

Of course, for this to really work, the ErrorHTML function would have to be defined somewhere.

Update: Removed #5. Thanks, Your Mother.

Replies are listed 'Best First'.
Re^2: AuthorizedDomain script?
by Your Mother (Archbishop) on Jul 08, 2009 at 17:40 UTC

    Looks like a good redraft but #5 isn't right. The key for the hash is automatically quoted (when possible) so it's not a bareword. It's normal/legal/non-warning Perl. 

    cow@moo[19]>perl -Mstrict -lwe 'my %h; $h{ABC}++; DEF;'
Bareword "DEF" not allowed while "strict subs" in use at -e line 1.

    [download]
[reply]
[d/l]

In Section Seekers of Perl Wisdom