PHP forged referer to break through anti-leech Protection

Many applications can be displayed in this example. For example, hiding a real URL ...... Hey, let's analyze it by yourself.
Create a file. php. The following parameter is the target address of the Referer to be forged. Such as: file. php/http://www.xxx.xxx/xxx.mp3
<?
$ Url = str_replace ('/file. php/', '', $ _ SERVER [" REQUEST_URI "]); // obtain the url to be converted. I am so lazy here that I don't need to perform security detection. I need to add it myself.
$ Downfile = str_replace ("", "% 20", $ url); // replace spaces and so on, which can be replaced according to the actual situation
$ Downfile = str_replace ("http: //", "", $ downfile); // remove http ://
$ Urlarr = explode ("/", $ downfile); // break down the domain name "/"
$ Domain = $ urlarr [0]; // domain Name
$ Getfile = str_replace ($ urlarr [0], '', $ downfile); // GET the GET part in the header.
$ Content = @ fsockopen ("$ domain", 80, $ errno, $ errstr, 12); // connect to the target host
If (! $ Content) {// an error is prompted if the link is not connected.
Die ("sorry, unable to connect to $ domain. ");
} Www.jbxue.com
Fputs ($ content, "GET $ getfile HTTP/1.0 \ r \ n ");
Fputs ($ content, "Host: $ domain \ r \ n ");
Fputs ($ content, "Referer: $ domain \ r \ n"); // counterfeit part
Fputs ($ content, "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) \ r \ n ");

While (! Feof ($ content )){
$ Tp. = fgets ($ content, 128 );
If (strstr ($ tp, "200 OK") {// here we will describe it. The first line of the header is generally the status of the request file. For details, refer to the HTTP 1.1 Status Code and its meaning. Programs in other States

Header ("Location: $ url ");
Die ();
}
}

// 302 redirection. Most anti-leech systems first judge the referer. If yes, they will then turn to the real address. The following describes how to obtain the real address.
$ Arr = explode ("\ n", $ tp );
$ Arr1 = explode ("Location:", $ tp); // returns the actual address after the Location
$ Arr2 = explode ("\ n", $ arr1 [1]);
Header ('content-Type: application/force-download'); // force download
Header ("location:". $ arr2 [0]); // redirects to the target address
Die ();
?>

This program can only use referer to determine whether a leeching anti-leech system is used. If other special methods are used for anti-Leech, this estimation is not applicable.