问题
i made this simple code to prevent hotlinking my files from my php download file :
if ((strpos($_SERVER['HTTP_REFERER'],'www.domain.com')!==0)) {
$redirect='index.php';
header("Location: $redirect");
exit;
}
it's not working , it always redirect me to index.php even if i clicked the link inside my wbesite. i tried to change the domain to many types like :
http://www.domain.com
www.domain.com
domain.com
domain
but still the same problem
回答1:
i found the solution, i just made a compare between HTTP_REFERER and the HTTP_HOST using strpos, if they match that mean there is no hotlinking. the code :
if($_SERVER['HTTP_REFERER'])
{
if(!strpos($_SERVER['HTTP_REFERER'],$_SERVER['HTTP_HOST']))
{
$redirect='index.php';
header("Location: $redirect");
}
}
回答2:
You actually want to use !== FALSE instead. The string could be at position 0. Also include zerkms' suggestion:
if (!empty($_SERVER['HTTP_REFERER']) &&
(strpos($_SERVER['HTTP_REFERER'],'www.domain.com') !== FALSE)) {
Documentation: http://php.net/manual/en/function.strpos.php
来源:https://stackoverflow.com/questions/13262436/hotlink-protection