-- Randal L. Schwartz, Perl hacker

However, you can use $ENV{REMOTE_ADDR} (the ip of the connecting client). This cannot be spoofed (although they could go and use a proxy).

my @a=qw(random brilliant braindead); print $a[rand(@a)];

The main reason your code doesn't work, is that you have sent two \n's to the browser, before you attempt to redirect it. Once you have sent the double carriage returns, it's game over, anything printed to the browser after that is considered content. That is, as long as you've specified the Content-Type at some point before the carriage returns.

The key is to redirect the browser, if you need to, before printing the Content-Type, and sending the double carriage returns.

The follow code snippet will allow you to specify a list of bad domains, and redirects the user back to the bad domain if a match is found:

#!/usr/bin/perl -wT

use strict;
use CGI;
use URI;

use constant BAD_DOMAINS => qw(
  www.baddomain.com
);

#create lookup table
my %bad_domains;
undef @bad_domains{ BAD_DOMAINS() };

my $cgi = CGI->new;

print $cgi->redirect($cgi->referer)
  if exists $bad_domains{ URI->new($cgi->referer, 'http')->host };

print $cgi->header;

#...
[download]

if ( $ENV{'HTTP_REFERRER'} =~ /dumbdomain.com/ ) {
   print("Location: http://www.anotherpage.com\n\n");
}
[download]

----------
- Jim

Very close, except that you spelled "referrer" correctly, and HTTP doesn't. Fleshed out a bit more, this looks like

#!/usr/bin/perl

if ( defined $ENV{'HTTP_REFERER'}
     and $ENV{'HTTP_REFERER'} =~ /dumdomain\.com/ ) {
    print "Location: http://www.anotherpage.com\n\n";
    exit(0);
}

print "Content-type: text/html\n\n";
...
[download]

Ahh, thank you! I also noticed that I did not escape my '.' in my RE. I wonder what I was thinking.

----------
- Jim

ok i tried this version because i didn't want to send people back to where they came from, but instead a more *constructive* site.

unfortunately i'm still getting "an error occurred while processing this directive". yuck.

any ideas?

Hopefully you're not using the "naughty referers" idea for anything more than VERY rudimentary security. As Merlin points out it's spoofable and will flame out with all proxied users.

Actually, re-reading your post it almost sounds like something your doing as a prank or a "revenge" thing. Is that true?

yah i know it's not fool-proof so i'm prepared for people to slip by. i'm not doing anything sneaky-prank-y (although i'd be the first to spill the details if i were), i'm just trying to weed out some dumb people. it sounds awful trivial but to TRY and simplify... there's a person who is linking to my page and not on the most polite of terms. i'm tired of the negative comments i'm receiving because of this person and rather than continue the drama i'd like to use this approach. eh.