hotlinkingmeans that the service provider does not provide the content of the service itself, bypassing other beneficial end-user interfaces (such as advertisements) by technical means, and providing the end user with the service content of other service providers directly on its own website to defraud the end-user of the browsing and click-through rate. Beneficiaries do not provide resources or provide very little resources, and real service providers do not get any benefits. Doing a good job of preventing hotlinking is an important task for every website developer.
Do a good job of anti-theft chain to the Web server to reduce a lot of pressure, here we share a PHP anti-Theft chain implementation method:
General Download steps: Find-> Output Find results list-> Go to the Software details page-> Click the Download button-> Open the download page, click Download, start the download
My way is to get a fuss on the download page
First define a $key=sdkfjwojf32413 in the public file of the Web site this is equivalent to a key
Generate a random number on the download page: $certcode = ' 84615354 ' (each time you open the build is different)
Then generate a MD5 () encryption string with the above two variables and the software ID
Then generate the true download of the software address: FILE.PHP?ID=5&CODEKEY=KSFJWOFSDKFSF
The ID here is the number of the software that can be based on the software address he found from the database $codekey =md5 ($id. $certcode. $key)
and save the Certcode in the session,
The Codekey and ID obtained in the file.php parameters are then $key from the public file and then get $certcode from the session.
To Codekey to verify, see if it is correct, if not correct exit, otherwise do the following
1. Delete session (open this address again is invalid)
2, read the software address from the database, and then read the software content, and output (in PHP file Read method output to download the software content instead of directly to the address to download him)
If you want to download, you must open your own download page, open the address from your download page to download, and the download address each time is different, because the generated random number is not the same
Other places even if you download the address, also can not download.
Expand reading (Concrete implementation):
1. Simple anti-theft chain
- $ADMIN [Defaulturl] = "Http://www.vvschool.cn/404.htm" ;//The address returned by Hotlinking
- $okaysites = Array ("http://www.vvschool.cn/","http://www.siyizhu.com");//Whitelist
- $ADMIN [Url_1] = "http://www.vvschool.cn/temp/download/" ;//download Location 1
- $ADMIN [url_2] = "" ; //Download location 2, etc.
- $reffer = $HTTP _referer ;
- if ($reffer) {
- $yes = 0;
- while (List ($domain, $subarray) = each ($okaysites )) {
- if (ereg($subarray,"$reffer")) {
- $yes = 1;
- }
- }
- $theu = "url" . "_" . "$site" ;
- if ($ADMIN[$theu] and $yes = = 1) {
- Header ("Location: $ADMIN [$theu]/$file");
- } else {
- Header ("Location: $ADMIN [Defaulturl]");
- }
- } else {
- Header ("Location: $ADMIN [Defaulturl]");
- }?>
How to use: Save the above code as dao4.php, such as my test validatecode.rar in my Site http://vvschool.cn/temp/download inside, then use the following code to indicate the download connection.
FileName? site=1&file= file
2. Server anti-theft chain
3. Software download anti-theft chain method
- //Place the root directory of the download software relative to the current script directory
- $fileRelPath = ".. /.. /software ";
- //Exceptions allow connection of URLs, note: Their own domain name does not need to fill in, set to be sure to download,
- The //empty string ("") indicates the direct input URL download situation
- $EXCLUDEREFERARR = Array ("www.wreny.com", "wreny.com");
- chdir ($fileRelPath);
- $fileRootPath = GETCWD () . "/" ;
- $filePath = $HTTP _get_vars ["file"];
- $url = Parse_url ($_server["Http_referer"]);
- if ($url[host]!=$_server["Http_host"] & &!in_array ($referHost, $excludeReferArr)) {
- ?>
In fact, there are a lot of anti-hotlinking, here only a general idea as a reference: ⑴iis anti-hotlinking, using Isapi_rewrite, can be used as a solution to Windows anti-hotlinking; ⑵ picture Anti-hotlinking, add watermark in the picture, although hotlinking can achieve the purpose, But they are also doing publicity for their website.
http://www.bkjia.com/PHPjc/445799.html www.bkjia.com true http://www.bkjia.com/PHPjc/445799.html techarticle Hotlinking is the content that the service provider does not provide itself, bypassing other beneficial end-user interfaces (such as advertisements) by technical means and providing it directly to the end user on its own website ...