Update of /cvsroot/openbash-org/openbash-org/modules
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv26862/modules
Modified Files:
Quote.php View.php
Log Message:
Se comprueba que las votaciones provienen de un link de nuestro sitio, no
se puede votar a lo loco con enlaces externos.
Index: View.php
===================================================================
RCS file: /cvsroot/openbash-org/openbash-org/modules/View.php,v
retrieving revision 1.11
retrieving revision 1.12
diff -C2 -d -r1.11 -r1.12
*** View.php 20 Nov 2004 10:01:29 -0000 1.11
--- View.php 20 Nov 2004 10:11:10 -0000 1.12
***************
*** 82,88 ****
<p><a href="javascript:;" onClick="history.back();"><?=$quote_language['back']?></a></p>
-->
! <p><a href="<?=$_SERVER['HTTP_REFERER']?>"><?=$quote_language['back']?></p>
<?php
}
function view_redirect($url)
--- 82,95 ----
<p><a href="javascript:;" onClick="history.back();"><?=$quote_language['back']?></a></p>
-->
! <p><a href="<?=$_SERVER['HTTP_REFERER']?>"><?=$quote_language['back']?></a></p>
<?php
}
+
+ function view_score_forbidden()
+ {
+ global $quote_language;?>
+ <p><?=$quote_language['score_forbidden']?></p>
+ <?php
+ }
function view_redirect($url)
Index: Quote.php
===================================================================
RCS file: /cvsroot/openbash-org/openbash-org/modules/Quote.php,v
retrieving revision 1.14
retrieving revision 1.15
diff -C2 -d -r1.14 -r1.15
*** Quote.php 18 Nov 2004 17:42:04 -0000 1.14
--- Quote.php 20 Nov 2004 10:11:10 -0000 1.15
***************
*** 137,140 ****
--- 137,147 ----
$ip = get_ipaddr();
+ if(!strstr($_SERVER['HTTP_REFERER'], $_SERVER['SERVER_NAME'])) {
+ $view = new View();
+ $view->view_score_forbidden();
+ return;
+ }
+
+
/*
* check last vote
|
