Lastwebpage
March 18th, 2007, 08:52 AM
Hello,
I want to make a search request in a forum (vBulletin) and display the result on a "HTML site" inside a Vista sidebar gatget. Here are my code snippets:
xmlReqForumENG=new XMLHttpRequest();
xmlReqForumENG.open("POST", "http://forums.miranda-im.org/search.php?do=process");
xmlReqForumENG.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
xmlReqForumENG.setRequestHeader("Charset", "ISO-8859-1");
xmlReqForumENG.onreadystatechange = retrievedDataForumENG;
xmlReqForumENG.send("do=process&quicksearch=1&childforums=1&exactname=1&s=&query="+SearchTerm+"&showposts=1");
BUT, in retrievedDataForumENG.responseText I find after the call: "In order to accept POST request originating from this domain, the admin must add this domain to the whitelist."
I use a similiar function to do the same on another forum (SMF, not vBulletin) which works without any problems.
Any idea what could be wrong?
regards
Peter
EDIT: PHP code which bring me this error:
// #############################################################################
// referrer check for POSTs; this is simply designed to prevent self-submitting
// forms on foreign hosts from doing nasty things
if (strtoupper($_SERVER['REQUEST_METHOD']) == 'POST' AND !defined('SKIP_REFERRER_CHECK'))
{
if ($_SERVER['HTTP_HOST'] OR $_ENV['HTTP_HOST'])
{
$http_host = ($_SERVER['HTTP_HOST'] ? $_SERVER['HTTP_HOST'] : $_ENV['HTTP_HOST']);
}
else if ($_SERVER['SERVER_NAME'] OR $_ENV['SERVER_NAME'])
{
$http_host = ($_SERVER['SERVER_NAME'] ? $_SERVER['SERVER_NAME'] : $_ENV['SERVER_NAME']);
}
if ($http_host AND $_SERVER['HTTP_REFERER'])
{
$referrer_parts = @parse_url($_SERVER['HTTP_REFERER']);
$ref_port = intval($referrer_parts['port']);
$ref_host = $referrer_parts['host'] . (!empty($ref_port) ? ":$ref_port" : '');
$allowed = preg_split('#\s+#', $vbulletin->options['allowedreferrers'], -1, PREG_SPLIT_NO_EMPTY);
$allowed[] = preg_replace('#^www\.#i', '', $http_host);
$allowed[] = '.paypal.com';
$pass_ref_check = false;
foreach ($allowed AS $host)
{
if (preg_match('#' . preg_quote($host, '#') . '$#siU', $ref_host))
{
$pass_ref_check = true;
break;
}
}
unset($allowed);
if ($pass_ref_check == false)
{
die('In order to accept POST request originating from this domain, the admin must add this domain to the whitelist.');
}
}
}
I want to make a search request in a forum (vBulletin) and display the result on a "HTML site" inside a Vista sidebar gatget. Here are my code snippets:
xmlReqForumENG=new XMLHttpRequest();
xmlReqForumENG.open("POST", "http://forums.miranda-im.org/search.php?do=process");
xmlReqForumENG.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
xmlReqForumENG.setRequestHeader("Charset", "ISO-8859-1");
xmlReqForumENG.onreadystatechange = retrievedDataForumENG;
xmlReqForumENG.send("do=process&quicksearch=1&childforums=1&exactname=1&s=&query="+SearchTerm+"&showposts=1");
BUT, in retrievedDataForumENG.responseText I find after the call: "In order to accept POST request originating from this domain, the admin must add this domain to the whitelist."
I use a similiar function to do the same on another forum (SMF, not vBulletin) which works without any problems.
Any idea what could be wrong?
regards
Peter
EDIT: PHP code which bring me this error:
// #############################################################################
// referrer check for POSTs; this is simply designed to prevent self-submitting
// forms on foreign hosts from doing nasty things
if (strtoupper($_SERVER['REQUEST_METHOD']) == 'POST' AND !defined('SKIP_REFERRER_CHECK'))
{
if ($_SERVER['HTTP_HOST'] OR $_ENV['HTTP_HOST'])
{
$http_host = ($_SERVER['HTTP_HOST'] ? $_SERVER['HTTP_HOST'] : $_ENV['HTTP_HOST']);
}
else if ($_SERVER['SERVER_NAME'] OR $_ENV['SERVER_NAME'])
{
$http_host = ($_SERVER['SERVER_NAME'] ? $_SERVER['SERVER_NAME'] : $_ENV['SERVER_NAME']);
}
if ($http_host AND $_SERVER['HTTP_REFERER'])
{
$referrer_parts = @parse_url($_SERVER['HTTP_REFERER']);
$ref_port = intval($referrer_parts['port']);
$ref_host = $referrer_parts['host'] . (!empty($ref_port) ? ":$ref_port" : '');
$allowed = preg_split('#\s+#', $vbulletin->options['allowedreferrers'], -1, PREG_SPLIT_NO_EMPTY);
$allowed[] = preg_replace('#^www\.#i', '', $http_host);
$allowed[] = '.paypal.com';
$pass_ref_check = false;
foreach ($allowed AS $host)
{
if (preg_match('#' . preg_quote($host, '#') . '$#siU', $ref_host))
{
$pass_ref_check = true;
break;
}
}
unset($allowed);
if ($pass_ref_check == false)
{
die('In order to accept POST request originating from this domain, the admin must add this domain to the whitelist.');
}
}
}