Warning: your browser doesn't send the HTTP_REFERER header to the website.
This can be caused due to your browser, using a proxy server or your firewall.
Please change browser or turn off the use of a proxy
or turn off the 'Deny servers to trace web browsing' in your firewall
and you shouldn't have problems when sending a POST on this website.
The user gets this error when attempting to log-in to his account, and after attempting to "submit" a post on the forums.
arnoldkrg Major
Joined: Aug 03, 2003
Posts: 936
Location: United Kingdom
Posted:
Mon Nov 21, 2005 12:51 am
This is not an error. It is part of Chatserv's security patches to prevent access from those who have a blank referrer. If you want to allow these, and reduce the security of your site, then find in mainfile.php:
Code:
if ($_SERVER['REQUEST_METHOD'] == "POST") {
if (isset($_SERVER['HTTP_REFERER'])) {
if (!stripos_clone($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'])) {
die('Posting from another server not allowed!');
}
} else {
die($posttags);
}
}
and change to:
Code:
if ($_SERVER['REQUEST_METHOD'] == "POST") {
if (isset($_SERVER['HTTP_REFERER'])) {
if (!stripos_clone($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'])) {
die('Posting from another server not allowed!');
}
}
}
_________________
php_n0ob Nuke Soldier
Joined: Nov 18, 2005
Posts: 13
Location: Mid-west US
Posted:
Mon Nov 21, 2005 6:06 am
Cool, thanks for the post. I let the user know what was going on. Is there any kind of change users can make on their end to not have the blank referrer? From what I understand, spyware can inject new http referrers into a browser, thus causing you to have a false referrer that shows you linked from somewhere else.
Example:
62.22.98.xxx - - [28/May/2005:23:40:16 -0400] "GET /shninfo_detail.php?shnid=3869 HTTP/1.0" 200 12288 "http://free-online-poker.fre[x].net/" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98; Crazy Browser 1.x.x)"
Where the red item is the injected referrer. Can spyware also cause a blank referrer, OR would the blank referrer be caused by an anti-virus or spyware removal program? For now, in order to make sure this user, and any others that might be having similar issues can access the site, I will make the code change. It's a gaming site, and no real personal info is there, so I can live for a short while with the lowered security issue. If anyone knows how to address the referrer issue on the client end, please let me know.
Thanks.
php_n0ob Nuke Soldier
Joined: Nov 18, 2005
Posts: 13
Location: Mid-west US
Posted:
Mon Nov 21, 2005 11:25 am
Disregard that last post. The user in question just got back with me, ends up his Norton Internet Security software was the culprit. He set it to allow referrs from our domain, and now he can access it just fine. Thanks for the tip though, if I run into this again I now know that there is a fix, although not a safe one I would like.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
