Jim Gibson wrote:
On 2/8/10 Mon Feb 8, 2010 6:07 PM, "Chris Coggins" <cacogg...@cox.net>
scribbled:
Chris Coggins wrote:
I'm adding this exit step into the script to keep people from trying
to execute it outside of the normal web interface. The script and
browser communicate normally if the script is executed through its
original form. What I'm trying to prevent is someone trying to execute
without using the form, as a sort of hacker deterrent. I could care
less what error messages that person encounters, I just wondered if
the 500 was the normal response via that method of execution.
No. 500 means "server error". A more properly-framed response would be one
of the 400 response codes, such as 401 "Unauthorized" or 403 "Forbidden".
However, your attempt to make your program hacker-proof is probably futile.
Whatever data is accepted by your form from the correct web page can easily
be spoofed by an clever hacker. That is why many web sites use the "captcha"
method for filtering out automated web scripts.
Well I changed it to exit after determining the request method.-- > if
"get" then exit. Works good enough for this purpose.
--
To unsubscribe, e-mail: beginners-unsubscr...@perl.org
For additional commands, e-mail: beginners-h...@perl.org
http://learn.perl.org/
