Forums

This topic is locked

Server Variables

Posted 31 Jul 2002 08:56:22
1
has voted
31 Jul 2002 08:56:22 Nathan Pollux posted:
here's a little question for you.
a client of ours has little problem with a user on one of his websites who constantly posts anonymous offending messages on the guestbook which we created using DMX, because of his messages, which sometimes contain sensitive company information, someone already lost his job.
now, he wants to make sure he accuses the right person so we want to add some more info into the message records seeing as the IP that is logged is the IP of a proxy server

we tried to use the REMOTE_HOST to catch the name of the system but in testing it does not work (on & offline)
use : <i>Request.ServerVariables("REMOTE_HOST"</i>

is this because of privacy settings in IE6 on Xp ?
will this work on a win98/Me system running IE5 ?

maybe someone has some other ideas about getting some more user information so that our client can more accurately point the finger at someone, he has 3 suspects so he just wants to narrow it down.

I scream in dev/null so nobody can hear me being frustrated.

Replies

Replied 31 Jul 2002 12:29:03
31 Jul 2002 12:29:03 Owen Eastwick replied:
Do people have to register before they can post messages?

Regards

Owen.

Multiple Parameter UD4 / Access 2000 Database Search Tutorial:
www.tdsf.co.uk/tdsfdemo
Replied 31 Jul 2002 14:20:52
31 Jul 2002 14:20:52 Nathan Pollux replied:
i'm affraid not no

the clients wishes were that the guestbook was as accessable as possible so a registration to post was out of the question
otherwise it was easier to track the user but now everyone can post as someone else (with that name) if he or she wants to...
that's why we wanted to add some more fields in the messagetable to have some more info about the user that posted

I scream in dev/null so nobody can hear me being frustrated.
Replied 31 Jul 2002 15:38:32
31 Jul 2002 15:38:32 Owen Eastwick replied:
Here's a full list of srever variables that may be some use:

www.asp101.com/samples/servvars.asp

However, without some form of registration/login process I think it will be impossible to prevent the determined user from posting malicious messages annonymously.

You could however filter out offensive words quite easily, using a series of Replace commands, something like:

&lt;%
varMessageText = Request("txtMessage"
Replace(varMessage, "OffensiveWord1", "*Omitted*"
Replace(varMessage, "OffensiveWord2", "*Omitted*"
etc.......
%&gt;

Regards

Owen.

Multiple Parameter UD4 / Access 2000 Database Search Tutorial:
www.tdsf.co.uk/tdsfdemo

Reply to this topic