hotlink protection

Question

i made this simple code to prevent hotlinking my files from my php download file :

if ((strpos($_SERVER[\'HTTP_REFERER\'],\'www.domain.com\')!==0)) {
    $re         


        

Answer 1

You actually want to use !== FALSE instead. The string could be at position 0. Also include zerkms' suggestion:

if (!empty($_SERVER['HTTP_REFERER']) && 
    (strpos($_SERVER['HTTP_REFERER'],'www.domain.com') !== FALSE)) {

Documentation: http://php.net/manual/en/function.strpos.php