CGI/Perl Guide | Learning Center | Forums | Advertise | Login
Site Search: in

  Main Index MAIN
INDEX
Search Posts SEARCH
POSTS
Who's Online WHO'S
ONLINE
Log in LOG
IN

Home: Perl Programming Help: Beginner:
Anti-leeching-Hiding URL with Query

 



chantao
New User

Nov 27, 2006, 3:31 AM

Post #1 of 4 (1146 views)
Anti-leeching-Hiding URL with Query Can't Post

Hi Guys

I've found a great simple anti leech script on the net. It's working quite well with downloadable files, such as zip and mp3 etc, It does the job to hide url and redirect URL if links are from illegal sites.

However, If I set the hyperlink to a HTML file, (<a href="http://www.myurl.com src="/cgi-bin/antileech.cgi?site=1&filename=hidden.htm) when click, URL will be printed onto the address bar. Is there any way to make the hyperlink query appear on the address bar instead of true URL?

Here is the original code:

-------------------------------------------------Code--------------------------------------------------

$defaulturl = "www.myurl.com";

@okaysites = ("www.myurl.com", "myurl.com/folder1");

$url_1 = "http://www.myurl.com/folder1";
$url_2 = "http://www.myurl.com/folder2";



####################### DO NOT EDIT BELOW THIS LINE ######################

@querypairs = split(/&/, $ENV{'QUERY_STRING'});
foreach $querypair (@querypairs) {
($queryname, $queryvalue) = split(/=/, $querypair);
$queryvalue =~ tr/+/ /;
$queryvalue =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$queryvalue =~ s/<([^>]|\n)*>//g;
if ($QUERY{$queryname}) { $QUERY{$queryname} = $QUERY{$queryname}.",".$queryvalue; }
else { $QUERY{$queryname} = $queryvalue; }
}

$reffer = $ENV{'HTTP_REFERER'};
$yes = 0;
foreach $domain (@okaysites) {
if ($reffer =~ /$domain/) {
$yes = 1;
}
}

$theu = "url"."_"."$QUERY{'site'}";

if ($$theu && $yes == 1) {
print "Location: $$theu/$QUERY{'filename'}\n\n";
} else {
print "Location: $defaulturl\n\n";

}
exit;


davorg
Thaumaturge / Moderator

Nov 27, 2006, 6:23 AM

Post #2 of 4 (1144 views)
Re: [chantao] Anti-leeching-Hiding URL with Query [In reply to] Can't Post

That code is very scary on many levels. It breaks at least two fundamental Perl programming principles (it doesn't use "use strict" and "use warnings" and it uses symbolic references) and at least one fundamental CGI programming principle (by not using CGI.pm).

The person who wrote it didn't know as much Perl as they thought they did. Please don't use this program (or anything else written by that person!)

Here's a version that works in exactly the same way but at least looks like modern Perl.


Code
#!/usr/bin/perl 

use strict;
use warnings;

use CGI qw(param redirect);

my $defaulturl = 'www.myurl.com';

my @okaysites = qw(www.myurl.com myurl.com/folder1);

my %url = (
1 => 'http://www.myurl.com/folder1',
2 => 'http://www.myurl.com/folder2',
);

my $yes = 0;
foreach my $domain (@okaysites) {
if ($ENV{HTTP_REFERER} =~ /$domain/) {
$yes = 1;
last;
}
}

my $site = param('site');
if ($site && $yes) {
print redirect($url{$site} . '/' . param('filename'));
} else {
print redirect($defaulturl);
}


I'm still not convinced that you should use it - that referer checking code still looks a bit dodgy to me. And don't forget that many personal firewalls strip the HTTP_REFERER - thereby ensuring that a number of users will never be able to see your content.

--
Dave Cross, Perl Hacker, Trainer and Writer
http://www.dave.org.uk/
Get more help at Perl Monks


(This post was edited by davorg on Nov 28, 2006, 3:57 AM)


chantao
New User

Nov 28, 2006, 3:35 AM

Post #3 of 4 (1134 views)
Re: [davorg] Anti-leeching-Hiding URL with Query [In reply to] Can't Post

Hi Dave,

Thanks for the code. It looks so much cleaner while the original code looks like a C adaptation of perl programming. Your code works very well but same as the original code it does not hide html path. Is there anyway when click to print out the query on the address bar instead of the full path of the html document?

Tao


davorg
Thaumaturge / Moderator

Nov 28, 2006, 4:04 AM

Post #4 of 4 (1131 views)
Re: [chantao] Anti-leeching-Hiding URL with Query [In reply to] Can't Post


In Reply To
Your code works very well but same as the original code it does not hide html path.


Well, as I said, my code just reimplements the same logic as the original version. It will work in exactly the same way.

Of course it won't hide the path to the HTML document. It sends the correct path back to the browser and tells the browser to re-request the document from the correct location.

I don't really understand what you are trying to achieve. If you're sending the HTML to the browser (which, obviously, you have to do) then hiding the URL of the page doesn't achieve anything.

It all sounds a bit pointless to me, but if you think it's useful, then you might well be able to achive what you want using an Apache rewrite rule.

--
Dave Cross, Perl Hacker, Trainer and Writer
http://www.dave.org.uk/
Get more help at Perl Monks

 
 


Search for (options) Powered by Gossamer Forum v.1.2.0

Web Applications & Managed Hosting Powered by Gossamer Threads
Visit our Mailing List Archives