CFLib.org – IsManipulated

IsManipulated()

Last updated July 2, 2002

author

Version: 1 | Requires: ColdFusion 5 | Library: SecurityLib

Rated 1 time(s). Average Rating: 1.0

Description:
Checks if the URL (maybe a key) was Manipulated or if the form was copied and changed. The file that was called has to be on the same server as the caller file. It doesn't work with the javascript Command self.location.href = "". Please note that cgi.http_refere can be faked. This is not a perfect test.

Return Values:
Returns a boolean.

Example:

view plain print about

<cfoutput>#IsManipulated()#</cfoutput>

<cfoutput>#IsManipulated()#</cfoutput>

Parameters:

No arguments.

Full UDF Source:

	
	
			
			
			
				
				view plain
				
				
				copy to clipboard
				
				
				
				
				print
				
				
				about
				ColdFISH is developed by Jason Delmore.  Source code and license information available at coldfish.riaforge.org.  Version 3.1.1
				
			<cfscript>
/**
 * Checks if the URL (maybe a key) was manipulated or if the form was copied and changed.
 * 
 * @return Returns a boolean. 
 * @author Stephan Scheele (&#115;&#116;&#101;&#112;&#104;&#97;&#110;&#64;&#115;&#116;&#101;&#112;&#104;&#97;&#110;&#45;&#116;&#45;&#115;&#99;&#104;&#101;&#101;&#108;&#101;&#46;&#100;&#101;) 
 * @version 1, July 2, 2002 
 */
function isManipulated(){
	if (CGI.HTTP_REFERER eq "") return true;
	else if (REReplaceNoCase(REReplaceNoCase(CGI.HTTP_REFERER, ".*//", "","all"), "/.*", "","all")  neq CGI.HTTP_HOST) return true;
	else return false;
}
</cfscript>
		<cfscript>
/**
 * Checks if the URL (maybe a key) was manipulated or if the form was copied and changed.
 * 
 * @return Returns a boolean. 
 * @author Stephan Scheele (stephan@stephan-t-scheele.de) 
 * @version 1, July 2, 2002 
 */
function isManipulated(){
    if (CGI.HTTP_REFERER eq "") return true;
    else if (REReplaceNoCase(REReplaceNoCase(CGI.HTTP_REFERER, ".*//", "","all"), "/.*", "","all")  neq CGI.HTTP_HOST) return true;
    else return false;
}
</cfscript>