1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Referrer Check (Anti-Leech)

Discussion in 'PHP' started by webviz, Jun 27, 2006.

0
  1. #1
    Hello everyone,

    I've written a simple anti-leech script which will check the referral and either allow the download or deny it. Here is what I have so far:

    
<?php
$referer = $_SERVER['HTTP_REFERER'];
$referer_parse = parse_url($referer);

if($referer_parse['host'] == "mysite.com" || $referer_parse['host'] == "www.mysite.com") {
     // download...
} else {
     header("Location: http://www.mysite.com");
     exit();
}
?>
    PHP:
    Some people have a problem with this. For some it just redirects them to the home page insted of give them the download and for others it just works.

    My friend has told me something about some people not having referrals on or something like that which may cause the problem. So my question is: Is there another way around this and prehaps make it more secure?

    I hope I will be hearing from you PHP gurus soon! :)
     
    webviz, Jun 27, 2006 IP
  2. abuzant

    abuzant Well-Known Member

    Messages:
    956
    Likes Received:
    45
    Best Answers:
    0
    Trophy Points:
    140
    #2 
    
if(eregi($_SERVER["HTTP_HOST"], str_replace("www.", "", strtolower($_SERVER["HTTP_REFERER"]))))
{
// download
} else {
// exit
}
    PHP:
    Thats a quicker code.

    Now, regarding your question.. Yes, there are people that hide their referral URL using programs like privoxy or others..

    For me, it sounds like this.. If he is not showing me where he came from, he dosen't deserve the download. So you need to forget about those 1% people that have the referer paranoia :D
     
    abuzant, Jun 27, 2006 IP
  3. webbist

    webbist Peon

    Messages:
    89
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    0
    #3
    Note, these scripts arn't fool-proof. I wrote a crawler not to long ago, and I was grabbing images using a function to download the files via socket and send a referer header - So watch out, if someone is dedicated to leeching, it is possible. Also, alot of download managers send fake referer headers now.
     
    webbist, Jun 28, 2006 IP
  4. dtang4

    dtang4 Active Member

    Messages:
    303
    Likes Received:
    6
    Best Answers:
    0
    Trophy Points:
    58
    #4
    dtang4, Jun 29, 2006 IP
  5. amorph

    amorph Peon

    Messages:
    200
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #5
    amorph, Dec 17, 2009 IP
  6. ghprod

    ghprod Active Member

    Messages:
    1,010
    Likes Received:
    11
    Best Answers:
    0
    Trophy Points:
    78
    #6
    hahaahhaha ... nice one :D

    anyway we can set fake referrer using refspoof and mozilla browser :D


    regards
     
    ghprod, Dec 18, 2009 IP