Ten Years of MZ Online!

Practical Advice

Extraordinary Ideas

No-Nonsense Solutions

Saturday, May 3, 2003

May 3, 2003

Perl is my friend.

With that said, if you read the last (NewsMay103) news entry, you should understand what I'm talking about.

I took a few hours yesterday to permanently fix the unauthorized linking problem...with the help of Perl. I don't really know Perl, so it was challenging. But, I had a few examples of scripts which did things similar to what I wanted...and also a book which included stuff on how to check referrals and do stuff that way.

Needless to say, there are some changes/enhancements I'd like to make to my script, but for the time being (and even after those enhancements are made), it does the following:

  1. Allows me to 'protect' images from being linked only from pages I approve,
  2. Works 'transparently' (e.g. no user interaction),
  3. Doesn't 'give out' the actual URL to an image (looking at the source of a fully-loaded page reveals only the URLpath for the script query (the 'booby trap' part),
  4. Displays the correct image if authorized,
  5. Displays a little blue sad face (emoticon -- frown ) and not the expected image if linked from an unauthorized source.

I was trying to think of a crafty way to get my message across. I wasn't a big fan of creating an image with text, mostly due to bandwidth issues. I needed something simple, yet got the point across. The sad face just seemed the answer. Of course, I've got the script written so it's customizeable which image is referred if linked from an unauthorized place.

After I got the script working on an acceptable level, I immediately implemented it on my Monty Python site (where I was having all the problems in the first place). Upon doing so, I also moved/removed the existing images to a new, semi-hidden (e.g. different) directory. This means that almost every '404' error for those images which shows up in the logfiles now is from these unauthorized referrals...

Initial tests are proving very successful. Transparently, this 'feature' is allowing every visitor to the Python site view these images, but not allowing anyone else to view them without loading the source page. This is the behavior I'm going for. If someone wants to use one of the Python images somewhere (because they're not my copyright, nor do I claim that) that's fine -- I just don't want them to ungratefully use my bandwidth for it. smile


Finals Week Approaches...

Friday was the 'official' last day of classes for the semester (although my last class was prior to Friday, personally). Monday is the University-wide 'study day'...and finals run Tuesday-Friday. Don't know right now how much updating I'll get to of news over this next week or so...but if there's nothing, you know why. smile

This post was upgraded to the MZ Online Blog on 8/20/07

Thursday, May 1, 2003

May 1, 2003

I've decided on my major personal web projects for this summer. For a long time, mzonline.com has been in need of some serious work. It's got far too much verbage, not enough pizazz. I need to take the axe to parts of it...and keep the good stuff while making it a little more eye-candyish. So that's the first project (probably an ongoing one...since I really need to come up with a new design for it).

The second is the Monty Python site. This will probably be the first completed project...and will take part in several phases.

The first phase will be to completely move it over to the Wiki side (much like I did with this site).

The second is to make it look better. It's kinda plain, and also needs pizazz. This will include a special TWiki skin made for it (like I did for this site, although presumably different in many ways).

The third phase is to 'secure' the Monty Python images I use throughout the Holy Grail Script. This may coincide with the the first phase, depending upon the work. For instance, the main problem I'm having right now deals with random bulletin board (forum) users from around the Internet deciding to link to these images (which get many hits per day -- sometimes in the thousands). I've won a particular battle with an online RPG-type game, but am slowly forced to 'remove' images as they get abused from other sources. This makes me unhappy.

The idea is this: I need to find some crafty way to only allow visitors viewing the (authenticated -- e.g. only I allow -- like referrals from mzonline.com) pages with these images to download them. The ideal way (and probably the way I'll do it...ultimately) is probably to script something up (with Perl/CGI or PHP -- both of which I'd have to 'learn'). This would be a script which checks the http referral and approves/denies appropriately. The major plus to this is that it's completely server-side (requires no interaction with user or need to store something on the user's machine). The major minus is that I'd have to probably write this myself...which would take time. However, I'm already using something similar to this!

My CommentsQuestions and EMailMatt pages make use of a form handling mechanism which does this exact check (it's for anti-fraud use -- so people I don't know about can't use my form handling program to do uncool things). I should be able to modify this in some way...given some other examples and such.

IDEA! WOOHOO! After some brief browsing at Matt's Script Archive, I've found exactly what I'm looking for, minus the http referral stuff. So, this seems feasible. We shall see...


The last web-related project I have on tap is to redo all the other ones...or make appropriate adjustments. Until then... smile

This post was upgraded to the MZ Online Blog on 8/20/07

My Blog Profile

My Photo
Matt
Minnesota, United States
View my complete profile

Miscellaneous Bits

  • One Gorgeous Daughter (Kirstin)
  • An Incredible Wife (Beth)
  • Two Cats (George/Felix)
  • Two Dogs (Koshka/Kurva)
  • My birthday is at the 48851th place in Pi
  • Frank Oz and I share birthdays (Go Fozzie Bear)!
  • Mike Myers and I share birthdays (Party On, Wayne)!

MZ Online Blog: The Archive

Categories

Save to del.icio.us Save to del.icio.us W3C XHTML Valid W3C CSS Valid W3C Tableless! W3C WAI Double-A WCAG 1.0
Copyright 1997-2008 Matt Zaske. All Rights Reserved. | Privacy Policy | Terms of Use | Search | Site Map