On Oct 14, 2004, at 11:39 AM, Terry Vogelaar wrote:
Hi,
I need to make a CGI that uses a user name and password to determine what privileges the user has. But using the browser history, another person that uses the computer after he has closed the session, can resume it without having to know the password.
Normally with CGI, PHP or ASP there is an elegant solution to it by using $HTTP_REFERER to check where the user comes from. It is also very useful to find out which search engines and link pages are actually used. But I can't find it in the list of web server globals when using a RunRev CGI. Can it be made available in any way? Is there an alternative way to be sure the user isn't using the bookmarks or the history of his browser?
Terry
Terry,
I think apache sets this variable as a common shell variable during the execution of the rev engine. So you can access it like any other shell variable. Use the msgbox to inspect all the globals and you see the syntax, try a put $HTTP_REFERER in the cgi. Anyway, do not put all your trust on this, it can be faked....
andre
_______________________________________________ use-revolution mailing list [EMAIL PROTECTED] http://lists.runrev.com/mailman/listinfo/use-revolution
-- Andre Alves Garzia 2004 BRAZIL http://studio.soapdog.org
_______________________________________________ use-revolution mailing list [EMAIL PROTECTED] http://lists.runrev.com/mailman/listinfo/use-revolution
