To whom it concerns:
I've recently set up a uShop store for one of my clients. Her website can be accessed using both a .org and a .net domain name. Currently store orders can only be processed through the .net domain name because I have the page validation setting turned on and the .net domain name listed as the valid URL. Obviously that means people entering the store using the .org domain name can't buy anything.
My current solution to this problem is to use absolute URLs in all links on the home page of the website so that visitors who arrive as .org, quickly become .net as soon as they click on anything. This is not a wholly satisfactory solution, and I really don't want to turn the page validation off if I can avoid it.
Any suggestions? Is there a way to list two URLs as being valid and thereby avoid the nasty "Illegal Referrer" message.
Thanks for your help.
Unfortunately, there is no way to "trick" the validation into allowing for two different domain name extensions, that I'm personally aware of.
Thanks for the reply. Can you summarize what additional risks I am taking by turning off the page validation? In what way is my client more vulnerable by having the page validation turned off?
The only risk that gets introduced by turning Page Validation "OFF" is the chance that someone can save your store's HTML pages on their local computer, change the prices, and then submit the order from their local computer. For smaller stores, this is typically not an issue since the storeowner would recognize the price changes... but for larger stores with many items, it may be difficult for the storeowner to recognize if the prices of any items have been modified.
By the way, check out my posting at:
.... for some instructions on how to modify the uShop CGI script such that additional referring URLs can be validated.