hotlinking
Posted: Thu Mar 08, 2007 3:25 pm
ok, so ive been trying to protect my files from hotlinking, however, when the following url is entered directly i still get the file?
http://www.xxxxxxx.com/media/index.php?f=xx/xx.avi
my hotlinking file is:
can someone tell me whats wrong?
http://www.xxxxxxx.com/media/index.php?f=xx/xx.avi
my hotlinking file is:
Code: Select all
<?php
$dir='ejiose5w39075fqj038m68093n050q98cm756/';
if ((!$file=realpath($dir.$_GET['file']))
|| strpos($file,realpath($dir))!==0 || substr($file,-4)=='.php'){
header('HTTP/1.0 404 Not Found');
exit();
}
$ref=$_SERVER['HTTP_REFERER'];
if (strpos($ref,'http://www.xxxxxx.com/')===0 || strpos($ref,'http')!==0){
$mime=array(
'jpg'=>'image/jpeg',
'png'=>'image/png',
'mid'=>'audio/x-midi',
'avi'=>'video/x-msvideo',
'wav'=>'audio/x-wav'
);
$stat=stat($file);
header('Content-Type: '.$mime[substr($file,-3)]);
header('Content-Length: '.$stat[7]);
header('Last-Modified: '.gmdate('D, d M Y H:i:s',$stat[9]).' GMT');
readfile($file);
exit();
}
header('Pragma: no-cache');
header('Cache-Control: no-cache, no-store, must-revalidate');
include($file.'.php');
?>