PHP do the basic idea of anti-theft chain how to set up the anti-theft chain _php Tutorial

Source: Internet
Author: User
hotlinkingmeans that the service provider does not provide the content of the service itself, bypassing other beneficial end-user interfaces (such as advertisements) by technical means, and providing the end user with the service content of other service providers directly on its own website to defraud the end-user of the browsing and click-through rate. Beneficiaries do not provide resources or provide very little resources, and real service providers do not get any benefits. Doing a good job of preventing hotlinking is an important task for every website developer.

Do a good job of anti-theft chain to the Web server to reduce a lot of pressure, here we share a PHP anti-Theft chain implementation method:

General Download steps: Find-> Output Find results list-> Go to the Software details page-> Click the Download button-> Open the download page, click Download, start the download

My way is to get a fuss on the download page

First define a $key=sdkfjwojf32413 in the public file of the Web site this is equivalent to a key

Generate a random number on the download page: $certcode = ' 84615354 ' (each time you open the build is different)

Then generate a MD5 () encryption string with the above two variables and the software ID

Then generate the true download of the software address: FILE.PHP?ID=5&CODEKEY=KSFJWOFSDKFSF

The ID here is the number of the software that can be based on the software address he found from the database $codekey =md5 ($id. $certcode. $key)
and save the Certcode in the session,

The Codekey and ID obtained in the file.php parameters are then $key from the public file and then get $certcode from the session.

To Codekey to verify, see if it is correct, if not correct exit, otherwise do the following

1. Delete session (open this address again is invalid)

2, read the software address from the database, and then read the software content, and output (in PHP file Read method output to download the software content instead of directly to the address to download him)

If you want to download, you must open your own download page, open the address from your download page to download, and the download address each time is different, because the generated random number is not the same

Other places even if you download the address, also can not download.

Expand reading (Concrete implementation):

1. Simple anti-theft chain

 
 
  1. $ADMIN [Defaulturl] = "Http://www.vvschool.cn/404.htm" ;//The address returned by Hotlinking
  2. $okaysites = Array ("http://www.vvschool.cn/","http://www.siyizhu.com");//Whitelist
  3. $ADMIN [Url_1] = "http://www.vvschool.cn/temp/download/" ;//download Location 1
  4. $ADMIN [url_2] = "" ; //Download location 2, etc.
  5. $reffer = $HTTP _referer ;
  6. if ($reffer) {
  7. $yes = 0;
  8. while (List ($domain, $subarray) = each ($okaysites )) {
  9. if (ereg($subarray,"$reffer")) {
  10. $yes = 1;
  11. }
  12. }
  13. $theu = "url" . "_" . "$site" ;
  14. if ($ADMIN[$theu] and $yes = = 1) {
  15. Header ("Location: $ADMIN [$theu]/$file");
  16. } else {
  17. Header ("Location: $ADMIN [Defaulturl]");
  18. }
  19. } else {
  20. Header ("Location: $ADMIN [Defaulturl]");
  21. }?>

How to use: Save the above code as dao4.php, such as my test validatecode.rar in my Site http://vvschool.cn/temp/download inside, then use the following code to indicate the download connection.

FileName? site=1&file= file

2. Server anti-theft chain

3. Software download anti-theft chain method

 
 
  1. //Place the root directory of the download software relative to the current script directory
  2. $fileRelPath = ".. /.. /software ";
  3. //Exceptions allow connection of URLs, note: Their own domain name does not need to fill in, set to be sure to download,
  4. The //empty string ("") indicates the direct input URL download situation
  5. $EXCLUDEREFERARR = Array ("www.wreny.com", "wreny.com");
  6. chdir ($fileRelPath);
  7. $fileRootPath = GETCWD () . "/" ;
  8. $filePath = $HTTP _get_vars ["file"];
  9. $url = Parse_url ($_server["Http_referer"]);
  10. if ($url[host]!=$_server["Http_host"] & &!in_array ($referHost, $excludeReferArr)) {
  11. ?>

In fact, there are a lot of anti-hotlinking, here only a general idea as a reference: ⑴iis anti-hotlinking, using Isapi_rewrite, can be used as a solution to Windows anti-hotlinking; ⑵ picture Anti-hotlinking, add watermark in the picture, although hotlinking can achieve the purpose, But they are also doing publicity for their website.


http://www.bkjia.com/PHPjc/445799.html www.bkjia.com true http://www.bkjia.com/PHPjc/445799.html techarticle Hotlinking is the content that the service provider does not provide itself, bypassing other beneficial end-user interfaces (such as advertisements) by technical means and providing it directly to the end user on its own website ...

  • Contact Us

    The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

    If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.