This program implements hot link prevention in php. It is useful for webmasters who do not have access to the server at a level where they can control hot linking can still supply some type of hot link prevention for thier site by using php.
This attached file is a script that allows you to perform hotlink prevention in pure php, for those that cannot do .htaccess or other methods. It includes full documentation on getting it up and running. More scripts available at http://www.suryvial.com.
<?php
/*
Copyright (C) 2003 Enders Web Development
This program is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free Software
Foundation; either version 2 of the License, or (at your option) any later
version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with
this program; if not, write to the
Free Software Foundation, Inc.,
59 Temple Place - Suite 330,
Boston, MA 02111-1307, USA.
Author Email: tomender@ptd.net
Author Post:
J. Thomas Enders
PO Box 663
Gilbert, PA 18331, USA
*/
error_reporting(E_ALL);
//where, in relation to this script, are the files stored
define(FILE_DIR,'.');
define(MY_URL,'suryvial.com');
//set up the array of types the system recognizes
$file_types = array(
'jpg' => array('image/jpeg','hotlinker.jpg'),
'gif' => array('image/gif','hotlinker.gif'),
'png' => array('image/png','hotlinker.png')
);
//make sure the script was called with the correct parameters
if(!isset($_GET['File']) || !isset($_GET['Type'])) {
die('Required Parameters Not Specified');
} elseif(!file_exists($_GET['File'])) {
die('Invalid File Specified');
} elseif(!isset($file_types[$_GET['Type']])) {
die('Invalid Type Specified');
} //end if
//check if the link originated from our site
if(!ereg(MY_URL,$_SERVER['HTTP_REFERER'])) {
//reset the file to be the one we point hotlinkers to
$_GET['File'] = $file_types[$_GET['Type']][1];
} //end if
//send out the headers for this file
header('Last-Modified: ' . date('D, d M Y G:i:s T',filemtime($_GET['File'])));
header('Accept-Ranges: bytes');
header('Content-Length: ' . filesize($_GET['File']));
header('Connection: close');
header('Content-Type: ' . $file_types[$_GET['Type']][0]);
//send the file to the browser
$file = fopen($file_dir . '/' . $_GET['File'],'r');
while(!feof($file)) {
print(fread($file,4096));
flush();
} //end while
fclose($file);
?>
