M
Martin Kissner
A. Sinan Unur wrote :
No, I don't think so. Maybe I can not make myself understood because of
my bad English. Maybe I should provide specific filenames to make this
clear.
Before the spammer's attack the target specified in the action attribute
of the form element has been "/emailantwort.html". This target was
redirected to "/cgi-bin/script.cgi".
"script.cgi" checks the URI to decide what to do.
Before the spammers attack:
if ($ENV{REQUEST_URI} eq "/emailantwort.html") { send_mail(); }
Now:
if ($ENV{REQUEST_URI} eq "/someotherfile.html") {
send_mail_better(); }
if ($ENV{REQUEST_URI} eq "/emailantwort.html") { count_spmammer(); }
Thank you, I will do so tonight.
Thank you again. I will do my best.
Okay? Didn't mean to annoy anybody.
Best regards
Martin
That sentence makes no sense. If a visitor can submit the form using a
web browser, then a simple script using LWP, or the command line wget
program can also submit to the same target specified in the action
attribute of the form element you are using.
Your confusion arises from the fact that you don't seem to understand how
HTTP and CGI work, and you confuse the issue by adding in all sorts of
web server configuration issues.
No, I don't think so. Maybe I can not make myself understood because of
my bad English. Maybe I should provide specific filenames to make this
clear.
Before the spammer's attack the target specified in the action attribute
of the form element has been "/emailantwort.html". This target was
redirected to "/cgi-bin/script.cgi".
"script.cgi" checks the URI to decide what to do.
Before the spammers attack:
if ($ENV{REQUEST_URI} eq "/emailantwort.html") { send_mail(); }
Now:
if ($ENV{REQUEST_URI} eq "/someotherfile.html") {
send_mail_better(); }
if ($ENV{REQUEST_URI} eq "/emailantwort.html") { count_spmammer(); }
In summary:
Q1) How do I save the full query submitted to my CGI script.
A) Look into methods provided for this purpose by CGI.pm and CGI::Minimal
Thank you, I will do so tonight.
Q2) How do I prevent a spammer from using my script to send email to
thousands of people?
A) The safest way is to prevent a web site visitor from being able to
enter any email address. Short of that, look at CGI::ContactForm to see
how to make sure the submitted parameter only contains a single email
address.
Thank you again. I will do my best.
There seems to be nothing else that is remotely Perl related to discuss.
Okay? Didn't mean to annoy anybody.
Best regards
Martin