[Openfirst-cvscommit] guestbook signthanks.php,1.12,1.13
From: Tim G. <xt...@us...> - 2004-04-09 18:44:50
Update of /cvsroot/openfirst/guestbook In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv17756 Modified Files: signthanks.php Log Message: Prevent DoS on guestbook by requiring fields to be filled in. This is in direct response to the attacks on portperryrobotics.ca using a Java-based program running on a remote server to post blank data directly to signthanks.php Index: signthanks.php =================================================================== RCS file: /cvsroot/openfirst/guestbook/signthanks.php,v retrieving revision 1.12 retrieving revision 1.13 diff -C2 -d -r1.12 -r1.13 *** signthanks.php 24 Dec 2003 19:05:54 -0000 1.12 --- signthanks.php 9 Apr 2004 18:31:29 -0000 1.13 *************** *** 29,32 **** --- 29,40 ---- include_once("../config/globals.php"); include_once("$header"); + + if(! isset($_POST["guest"]) && ! isset($_POST["email"]) && !isset($_POST["icq"]) && ! isset($_POST["aim"]) && ! isset($_POST["msn"]) + && ! isset($_POST["yim"]) && ! isset($_POST["irc"]) && ! + isset($_POST["webpage"]) && ! isset($_POST["location"]) && ! + isset($_POST["comment"])) { + echo("You must fill in at least some fields to sign the guest book"); + die(include_once($footer)); + } ?> <h1>Sign Guest Book - Complete</h1> |
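Review bot: The condition added after include_once("$header") only tests isset() and joins all ten tests with &&, so a request is rejected only when none of the fields is present in the POST body at all. isset() is true for an empty string, so a client that sends the field names with empty values still passes, and the log message describes the attack as posting blank data. Consider requiring the fields the guest book actually needs and rejecting when any of them is missing or blank, for example `!isset($_POST["guest"]) || trim($_POST["guest"]) == ""` and the same test for comment. Separately, die(include_once($footer)) passes the return value of include_once to die(); including the footer and then calling die() as two statements would make the intent clearer.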