Hey guys,

I run a Image Hosting site and would like to try and use some measures to help prevent abuse. Is there any way I can disallow a URL from linking to my images that would have a certain phrase in it?

Example: Any site that had the term "toplist" or "topsite" in it would no be able to link a working image.

I know I read a tutorial on stopping a individual URL from linking using mod_rewrite and .htaccess, but I would like to block out an entire phrase from any url.


Thanks.


Kyle

First you need to find the referer's URL.


$url = $_SERVER['HTTP_REFERER'];

Then you need to use strpos.
http://uk.php.net/manual/en/function.strpos.php


$find = strpos($url, "toplist");
if ($find) {
echo "The url given was not allowed.";
exit;
}

Then you need to do some .htaccess to rewrite the URLs, so you can pull the image through a php file.

Something like this;

Place a .htaccess file in a directory, say /images/, and place in this file:

RewriteEngine on
RewriteRule ^([A-Za-z0-9-]+.[A-Za-z0-9-]+) http://yoururl.com/image.php?image=$1.$2

If you are uploading the files into /files directory put this in images.php


//edit - forgot to put headers.



$image = $_GET['image'];
$url = $_SERVER['HTTP_REFERER'];
$find = strpos($url, "toplist");
$find2 = strpos($url, "topsite");
$find3 = strpos($url, "topimg");
if ($find || $find2 || $find3) {
echo "The url given was not allowed.";
exit;
}
$imageurl = "files/".$image;

//the following i took from an old script of mine. Do not copy without acknowledging "Colin Palmer"
if(substr($imageurl, -4, 4) == 'jpeg' ||
substr($imageurl, -4, 4) == 'JPEG' ||
substr($imageurl, -3, 3) == 'jpg' ||
substr($imageurl, -3, 3) == 'JPG') { $imagetype = "jpeg"; }
elseif(substr($imageurl, -3, 3) == 'bmp' || substr($imageurl, -3, 3) == 'BMP') { $imagetype = "bmp"; }
elseif(substr($imageurl, -3, 3) == 'png' || substr($imageurl, -3, 3) == 'PNG') { $imagetype = "png"; }
elseif(substr($imageurl, -3, 3) == 'gif' || substr($imageurl, -3, 3) == 'GIF') { $imagetype = "gif"; }
elseif(substr($imageurl, -4, 4) == 'tiff'
|| substr($imageurl, -4, 4) == 'TIFF'
|| substr($imageurl, -3, 3) == 'tif'
|| substr($imageurl, -3, 3) == 'TIF') { $imagetype = "tiff"; }
else { die("Woops, image type not determined!"); }

$headers = apache_request_headers();
if (isset($headers['If-Modified-Since']) && (strtotime($headers['If-Modified-Since']) == filemtime($fn))) {
header('Last-Modified: '.gmdate('D, d M Y H:i:s', filemtime($fn)).' GMT', true, 304);
} else {
header('Last-Modified: '.gmdate('D, d M Y H:i:s', filemtime($fn)).' GMT', true, 200);
clearstatcache();
if (file_exists($imageurl)) {
header('Content-Length: '.filesize($imageurl));
}
header('Content-Type: image/'.$imagetype.'');
print file_get_contents($imageurl);
}



I hope I understood you right.

Great thanks!

Some browsers don't send referrers, and some people turn referrers off. You might have a problem with that.

Some browsers don't send referrers, and some people turn referrers off. You might have a problem with that.

If its a webpage including it via <img src=""> then that won't matter.