
ChicagoOutfit
Novice
Jun 17, 2009, 12:54 PM
Post #1 of 9
(2125 views)
|
A URL validate function... what's wrong?
|
Can't Post
|
|
Hi there, I'm trying to modify our existent "cform.pl" (which we use to have visitors submit forms) to check an array of allowed redirects, before it allows a form to be submitted to us. So, I have created this array:
@allow_redirect_to = qw(http://www.yahoo.com http://www.google.com); And I'm trying to test it by calling it with this:
sub check_url_valid { my $val = shift; foreach (@allow_redirect_to) { return 1 if ($val eq $_); } return 0; } In our form, I have used this as the redirect (which should NOT allow the form to be sent):
<input type="hidden" name="redirect" value="http://www.msn.com"> However, the form is still submitted... though the visitor is not redirected to MSN (instead seeing a listing of what he submitted). On another note, after adding "http://www.msn.com" to "@allow_redirect_to" the visitor still doesn't get redirected to MSN (instead seeing a listing of what he submitted). So, it appears that my first Perl script is (1) not checking my allowed redirects array and (2) not redirecting properly even when the redirect is in the allowed redirects array. Any help? Thank you so much in advance, CO
|