Code: Select all
$block_user_agent = array('Mozilla/', 'Opera/', 'Wget/');
$block = false;
foreach($block_user_agent as $agent)
if (substr($_SERVER['HTTP_USER_AGENT'], 0, strlen($agent)) == $agent) $block = true;Moderator: General Moderators
Code: Select all
$block_user_agent = array('Mozilla/', 'Opera/', 'Wget/');
$block = false;
foreach($block_user_agent as $agent)
if (substr($_SERVER['HTTP_USER_AGENT'], 0, strlen($agent)) == $agent) $block = true;Code: Select all
$agent = $_SERVER['HTTP_USER_AGENT'];
$agent = substr($agent, 0, strpos($agent, '/'));
$block_user_agent = array('Mozilla', 'Opera', 'Wget');
$blocked = false;
if (is_numeric(array_search($agent, $block_user_agent)))) $blocked = true;I want to make a very basic protection for users that can stream music don't can download the music.hawleyjr wrote:Don't trust user agents, they can easily be modified by the user...
Code: Select all
$agent = $_SERVER['HTTP_USER_AGENT'];
$agent = substr($agent, 0, strpos($agent, '/'));
if ($session['logged_in'] &&
$session['idle_time'] + $cfg['authenticate_expire'] > time() &&
$session['ip'] == $_SERVER['REMOTE_ADDR'] &&
$session['user_agent'] != $_SERVER['HTTP_USER_AGENT'] &&
is_numeric(array_search($agent, array('Mozilla', 'Opera', 'voyager', 'Wget', 'curl', 'Java'))) == false &&
$users['access_stream'])
{
// Start streaming
}
else
{
header('Status: 403 Forbidden');
header('HTTP/1.0 403 Forbidden');
header('HTTP/1.1 403 Forbidden');
exit('403 Forbidden');
}I haven't found any user agent that starts with IE/ so far.AKA Panama Jack wrote:If you want to really be secure you need to add 'IE/' to that list.
Code: Select all
Mozilla/5.0 (Windows; U; Windows NT 5.1; us-EN; rv:1.7.12) Gecko/20050919 IE/7