Jul 4, 2009

Check Referrer To Prevent Linking Yours From Other Sites - Check referrer with Php and Mysql

free web hosting
Open Discussion > MODERATED AREA > Tutorials

Check Referrer To Prevent Linking Yours From Other Sites - Check referrer with Php and Mysql

P0T33n
Check Referrer Using Php To Prevent People Linking To Your Downloads From Other Sites

Ever find that found some people are listing items, images and tuts and linking directly to the download url (those that are like my photoshop tutorial.php?id=0), which is a .php to count the number of downloads. To prevent this, you can add a piece of code to the download pages that checks which page referred them to the download page: if it's my domain, it downloads the file normally, if it's not, it will redirect to my home page instead.

Important: Not all browsers log referrers, so this won't work depending on the browser the visitor uses and this method can be also bypassed, but it will work for for the major part of visitors.

CODE
<?php
$yoursite = "yoursite.com"; //Your site url without http://
$yoursite2 = "www.yoursite.com"; //Type your domain with www. this time

$referer = $_SERVER['HTTP_REFERER'];

//Check if browser sends referrer url or not
if ($referer == "") { //If not, set referrer as your domain
$domain = $yoursite;
} else {
$domain = parse_url($referer); //If yes, parse referrer
}

if($domain['host'] == $yoursite || $domain['host'] == $yoursite2) {

//Run your dowloading code here normally

} else {

//The referrer is not your site, we redirect to your home page
header("Location: http://yoursite.com");
exit(); //Stop running the script

}

?>


Hope some one finds this usefull!! smile.gif

Notice from electriic ink:
P0T33n, in the future please ensure that your topic titles and descriptions are as descriptive as possible and that you put all your code in [-CODE-] tags. Thank you.

 

 

 


Comment/Reply (w/o sign-up)

Plenoptic
That is pretty useful I might have to try it sometime. Hopefully I can adjust it to work on all browsers and make it more secure. I would post a comment on the page saying that those who have reached the page from the wrong area can visit the site that way people know the link they got wasn't from the creator of the download or whatever. I can use this for my download system. Nice tutorial.

Comment/Reply (w/o sign-up)

Dooga
Referals can be changed, which means that this sometimes doesn't work.

Comment/Reply (w/o sign-up)

Florisjuh
This is a nice and usefull script, thanks for sharing it. Leeching is a pretty big problem nowadays seeing every website 'hotlinks like hell' while traffic is very important seeing content can be found everywhere nowadays.

Comment/Reply (w/o sign-up)

Sprnknwn
Nice tutorial. I´ll definitely bookmark it, maybe it´ll be useful in the near future. Thanks.

Comment/Reply (w/o sign-up)

delivi
great script, will help a lot in saving the precious bandwidth.

Comment/Reply (w/o sign-up)

Soby
What is the file that I want to put on the server is hosted on a different webserver. Can it check referers for that too?

Comment/Reply (w/o sign-up)

FeedBacker
Bad script,very bad. If I put in my reffer : "> ,then this site with this script is vulnerable to XSS

-reply by Number.49

Comment/Reply (w/o sign-up)

hitmanblood
Well, this is useful script for web statistics but not for the prevention of unwanted download. So you should check it it may be as starting point for some other more secure scripts.

But as this script is very easily defeated it is not very secure. So be careful when imposing this script to your site. And another thing I personally never use open source scripts that are widely available for important security parts of my sites.

***--this is after edition--***

there is also one thing is referral is entered as blank that is as you can make custom user agents then you may be able to enter the site and make it work in unwanted way.
This is important fact.

Comment/Reply (w/o sign-up)



Got an Opinion! Express your Views! (no registration):-
Add your Reply/ Opinion/ Views/ Comments/ Suggestion/ Questions/ Queries etc.
Posts with decent grammar & English will be accepted and please refrain from profanities.
For asking a Question, We recommend you to sign-up (for free) so that you can track the topic easily.

Nature of your Post*: Opinion/ Reply/ Comments
Question/Query
Feedback to us.
       
Name   Email
Title/Question*

This textarea will convert to Rich-Text automatically (IE, Firefox, Chrome)

Similar Topics

Keywords : check, referrer, prevent, linking, sites, check, referrer, php, mysql

  1. Sql Injection, How To Do It, And How To Prevent It
    NOT a hacking tutorial, learn how to secure PHP scripts (0)
  2. How To Download Any Flv Files From Any Sites
    (7)
    Now you can download any flv files from any websites!! People often know how to download youtubes
    clip, but not from other sites. In this tutorial you will need a tool name Moyea FLV Downloader, it
    is free and you can download it at http://www.flvsoft.com/download_flv/ This is the best tool i
    have meet up with to download flv files in any site. Since it can detect flv files, and list it, you
    can download it as you want, so no more favourite clips goes away from your sight and now you have
    it on your own hard drive! 1. Run moyea flv downloader see 1.jpg 2. At the left....
  3. Best Way To Add Paypal To Mediawiki Sites
    (0)
    Hey everyone! i just wanted to tell you guys how i added my paypal button to my site! if you go
    to apolopedia.com, you can see that i have a paypal button above my ads on every page. I still use
    the monobook skin, so i went into the skins and edited my php... i basically just added my paypal
    code above the advertisements header in the coding so that it will display there.... i would like it
    more towards the top but i dont want to mess with it too much. /** * MonoBook nouveau * *
    Translated from gwicke's previous TAL template version to remove * dependency o....
  4. Getting Started With Mysql
    creating tables and insert data into them. (2)
    Hi in this tutorial you will learn how to create tables and insert items into them. First steps are
    to create the database - go into your cpanel and mysql databases, from there make an account and a
    database and then attach them together with all priviliges, call the database test and the account
    admin, with the pw as pass - or any other password. We need to connect to the database so first in
    your php file (probably named index.php) - this is how to do it. CODE
    mysql_connect("localhost", "admin", "pass") or die(mysql_error()); mysql_select_db("test") or
    die(mysql_....
  5. Php Linking
    One of the major advantages of PHP is the ability to create something (4)
    PHP Links Requirements 1. You should understand the majority of PHP (ex: variables, echo, etc.
    www.w3schools.com is a good reference). 2. Experienced with HTML. 3. You need a PHP compatible
    server if you wish to see your results. Description One of the major advantages of PHP is the
    ability to create something similar to an Iframe, only without the scroll-bar. The main advantage of
    this is that you only need one layout page, while the others can be simple 'white space &
    content' pages. Another advantage of this is your web site doesn't look like a fi....
  6. Adding Data To A Database And Displaying It Later
    Using Forms, PHP and MySQL (1)
    Requirements: PHP Support MySQL Database access I am going to use a news program as an example.
    Ok, first you are going to need to connect to the database. Do so by using the code below. I have
    added some comments where you will need to edit to fit your server's specifications. Create a
    new file with notepad and call it config.php QUOTE //Change root to your database
    account's username $dbusername = "root"; //Add your account's password in between the
    quotations $password = " "; //Add the name of the database you are using in between the qu....
  7. Simple User System
    php, mysql driven (21)
    Hey! Maybe you've seen my other tutorials...or my signature.. Anyways I'm going to show you
    how to make a system so users of your site could register accounts and you could have protected -
    user only - pages on your site /smile.gif" style="vertical-align:middle" emoid=":)" border="0"
    alt="smile.gif" /> Ok, so we start by creating a config.php file. CODE     $dbhost   =
    'database host';     $dbname   = 'database name';     $dbusername   = 'database
    username';     $dbuserpass = 'database password';          mysql_connec....
  8. Simple Shoutbox
    PHP, MySQL driven.. (34)
    Ok, so I'm going to show you how to create a very basic shoutbox which is driven with PHP and a
    MySQL database. So, lets start - open a database management program like PHPMyAdmin and run these
    queries. SQL CREATE TABLE `shoutbox` ( `id` INT( 11 ) NOT NULL AUTO_INCREMENT , `name`
    VARCHAR( 255 ) NOT NULL , `mail` VARCHAR( 255 ) NOT NULL , `time` VARCHAR( 255 ) NOT NULL ,
    `message` TEXT NOT NULL , `ip` VARCHAR( 255 ) NOT NULL , PRIMARY KEY ( `id` ) ) TYPE = MYISAM ;
    CREATE TABLE `shoutbox_admin` ( `id` INT( 11 ) NOT NULL AUTO_INCREMENT , `name` VARCHAR( 255....
  9. Prevent People From Linking To Your Downloads
    (5)
    Ever find that found some people are listing items, images and tuts and linking directly to the
    download url (those that are like image.php?id=0). To prevent this, you can add a piece of code to
    the download pages that checks which page referred them to the download page: if it's your
    domain, it downloads the file normally, if it's not, it will redirect to your home page instead.
    Important: Not all browsers log referrers, so this won't work depending on the browser the
    visitor uses and this method can be also bypassed, but it will work for for the major part....
  10. Cpanel Mysql Database Management
    Part 2.1 Of My 7 Part Cpanel Tutorial (6)
    This tutorial is an extension to my 7 tutorial series about the Cpanel. The 7 different Cpanel
    tutorials can be found below. Part 1: E-mail Management Part 2: Useful Site Management Tools
    Part 3: Useful Site Management Tools2.1 Part 4: Analysis/Log Files Part 5: Advanced Tools Part
    6: PreInstalled Scripts, Extras, and Cpanel Options Part 7: Fantastico Detailed Cpanel
    Tutorial Part 2.1: MySQL Management In this tutorial, i will explain how to add, edit, delete
    and over-all manage the MySQL Feature in the Cpanel. Creating a MySQL Database 1) ....
  11. Starting Or Stopping Apache And Mysql Server Via Batch File
    (0)
    Hi guys, this is a litte tutorial about how we start and stop the Apache and MySQL in Windows NT
    (2000, XP, 2003) via a batch file script. As we know in Windows NT based system Apache and MySQL
    installed as Windows Services. So we can stop and start it using NET command. For more information
    about DOS command, type HELP at command prompt. I assuming that your MySQL service name is "mysql"
    and your Apache (Apache 2.0.x) service name is "apache2". If you want to chek it click Start > Run >
    services.msc > OK. Windows IS NOT Case Sensitive. Let's get started!. 1. Open....
  12. Download Videos From Sites & Convert It.
    especially sites like youtube, google etc... (28)
    This tutorial shows you how to download videos from sites like YouTube, Google, Break etc, which
    runs is in the extension of .flv(Flash Video), and then convert it to .avi or .mpg format. First of
    all, go to http://keepvid.com This site support the download of the sites listed below. QUOTE
    Angry Alien, ArtistDirect, Blastro, Blennus, Blip.tv, Bofunk, Bolt, Break.com, Castpost, Current TV,
    Dailymotion, DevilDucky, FindVideos, Free Video Blog, Google Video, Grinvi, Grouper, iFilm, LuluTV,
    Metacafe, Midis.biz, Music.com, MusicVideoCodes.info, MySpace, MySpace Video ....
  13. Quiz With Php, But Without Mysql
    (3)
    Ok let`s start! Once I wrote it for school: At first we need questions (php) CODE $form_block =
    " Quiz What's The Capital City Of England? How Many Letters Are There In The
    Alphabet? WHat's 3+10? "; That takes the form of a form... You can, of
    course edit the questions. I will now break that code down and explain the different parts. CODE
    The reason that any "s (Double quotes) are shown after a \ (Backwards slash) is becouse the
    PHP Parser will spew out errors if you forget to do this. "POST" Means that it will ....
  14. Installing Php + Mysql + Apache + Phpmyadmin On Windows Part 2
    Continue the last section which is installing phpMyadmin (0)
    QUOTE phpMyAdmin lets you control you MySQL database from a web browser. Steps: 1. If you
    haven't done so already, download the phpMyAdmin Database Manager - You can download the
    software from the phpMyAdmin website. Be sure to download the phpMyAdmin-2.6.2-pl1.zip file. Save
    the file on your Windows Desktop. ... ... ... Go to for more info. Post Copied. Member
    Banned ....
  15. Searching With Php And Mysql
    The easy way :P (2)
    Searching with PHP and MySQL is pretty easy when you think about it, especially if you're doing
    it the simple way (without boolean or whatever) /tongue.gif' border='0'
    style='vertical-align:middle' alt='tongue.gif' /> It consists of a few forms, a query and an
    output. As I said, simple! CODE \"> The form that you just made
    contains a text input that people will type into, the next code will extract the form data and then
    search it.. Form processing /wink.gif' border='0' style='vertical-align:middle' alt='wink.gif' />
    ....
  16. Getting Content To Blog About
    Good for bloggers and content-rich sites (0)
    There are many ways to build content for your blog. I am just sharing some ways that I have
    personally used to build content-rich blog for my company. (http://blogasia.biz) While I am trying
    my best to provide as much information as possible, these are not all the ways to do it. I am merely
    sepeking from the point of a 4 month old blogger. So if you have anything to add to this thread
    please feel free to do so. 1) Feeds. Also commonly known as RSS / XML / Syndication etc. What
    ever it is .. these are merely ways of grabbing information from a website / blog that have....
  17. Install Php 5 To Work With Mysql
    (0)
    hi, all php 5 is new to all people a long time( actually, I forget how long...). it introduced a
    more object-oriented design to developer. like, access type(public, private, protected), abstract
    type(classes that can't create objects), interface support, and more . althrought it is
    widerly available, someone still can't get it running with mysql. every time the php is starting
    up. a message prompted stated that some xtensions can not be found, and therefore, not loaded. so, I
    have written this to help other and newbie get it start quickly. note: thi....
  18. A Nice Mysql Server Check
    (4)
    I made this and its not very hard at all just fill in the info and it willl see if your mysql is up
    or down CODE Mysql Connection Test // On this you need to put your host most of
    the times localhost username and password. $conncect = mysql_connect ( "host", "Username",
    "password" ) or die (" Sorry your server can't connect to your mysql server Check to see you
    have put in the Username and password and if this is the 1st time you have got this And it has
    worked before That means you need to contact your hoster and tell them my MySql server is....
  19. How To Stop Image Hot Linking
    for a selected directory. (17)
    Those of you that don't know what is meant by 'hotlinking', it is when someone directly
    links to an image on your site so it will display on their site. This is what is called
    'bandwidth theft' and being as accounts here have a limit on bandwidth, your bandwidth limit
    could be exceeded by someone else hotlinking to your images. As most users of cPanel will know,
    there is an option to disable hotlinking of images in the "Site Management Tools" section.
    However, this disables hotlinking to all directories, what if you only want to disable hotlinki....
  20. Mysql Database Setup
    tutorial walk through (1)
    Post copied. Google cache to source Credits have been adjusted. Setting Up Your MySQL &
    phpMyAdmin For The First Time This tutorial will show you how to set up your MySQL and your
    phpMyAdmin with ease, regardless of whether you are going to be using PHP Nuke or PHP Nuke
    Platinum. The process is still the same. -Log into your CPanel with your User Name and Password.
    -Click on MySQL icon -Now, we need to create a database also known as Db , Your User Name will
    make up part of the necessary details, but you don't need to do this as it will be done au....
  21. [php] Prevent Copying A Template For Each New Page
    (0)
    This code means every time you make a page you don't need to copy and paste the HTML code for
    your template, this can make editing links, especially those that appear on every page, and pages a
    lot easier. 1. Make sure that your template is coded so it is fully expandable. 2. Insert this
    code into the content area of your template, and save the file as index.php, instead of .html
    QUOTE $val = $_GET ; // Replace id with whatever you want to use, eg ?id=page $val .= ".html"; //
    Makes the filename complete so if you called ?id=index, it would be index.php it has....
  22. Php Dynamic Signatures
    Using the GD Module and MySQL (9)
    PHP Dynamic Signatures using the GD Module After much scowering on the internet to find a
    suitable tutorial on this subject, I came up empty-handed. So I was forced to learn it on my own
    through trial & error. And since I had discovered a lack of tutorials on this subject, I dediced to
    write one! Working Example: Abstract : Using the GD Module of PHP allows a developer
    to build custom Images with Dynamic Content. Such content could be the Requesting Users IP Address,
    Web-Browser Type, Operating System, even the number of times the user has seen th....
  23. Backing Up And Restoring Mysql Databases
    (10)
    If you're an Administrator on a Forum, you probably know the importance of regular data backups.
    My Forum is always being hacked by someone and they always delete our SQL Databases. Well this
    tutorial is for all of you who want to protect your data and restore it if necessary! Okay, backing
    up your data is the first part. I use Cron Jobs in my cPanel to automate the backup process. Just
    use this code for backing up all your SQL Databases: CODE mysqldump -u root -psecret
    --all-databases > backup.sql OR if you wish to backup only a single database: CODE ....
  24. Excluding Your Site From Showing Up On Search Engines
    Or how to prevent stalkers from finding your personal site. (0)
    Firstly, I suppose there are very few people here who would want to do this. Most people want
    their sites to be listed on search engines, and these are probably the ones thinking that I must
    have a loose screw or something. But if you use your site for personal blogging and want to keep it
    open to friends and yet prevent your privacy from being infringed upon, this is worth looking at.
    What you need: 1. A text editor. Notepad works fine for me. 2. Coffee. (Not because you're going
    to stay up all night, but because I like to drink coffee for any and every reason po....
  25. Php/mysql Login/register
    Tutorial for login with databases. (4)
    Start register code. Register.php CODE Username: Email: Pass: Verify
    Pass: //Login to your database. Make the fields of course..
    mysql_connect("localhost","user","pass"); mysql_select_db("database"); //end //if registering,
    check fields. if ($action == register) { if (!$user || !$pass || !$email || !$vpass) {  print
    "You must fill out all fields.";  exit; } $dupe1 = mysql_num_rows(mysql_query("select * from
    table where user='$user'")); if ($dupe1 > 0) {  print "Someone already has that
    username.";  exit....
  26. Complete Login And Registration System
    doesn't use mysql! (9)
    kLogin 0.1 QUOTE(readme.txt) Readme file to kLogin 0.1 To use the internet explorer fix:
    download the latest IE7 ZIP file
    (http://sourceforge.net/project/showfiles.php?group_id=109983&package_id=119707) Extract the ie7
    zip file to the root directory of your web server. Example, if you are using a unix/linux server,
    it's on "public_html/" or "home/public_html" Open kLogin.php file with your editor and edit the
    $info_text or $info_txt variable. Then, extract the kLogin.php file in to the root directory of
    your web server also. Just run kShoutBox.php If ....
  27. How To Host Ur Own Site In 2 Mins Php+mysql Needed
    (34)
    QUOTE Run you're own server for testing phpmysql or just to host you're own website or
    for you're friends. -needS: a PC that's all 8) - How to ? download : CODE
    http://server.paehl.de/apache20.zip : 30 seconds Installing:---> 1 minute
    *********************************** Unpack the exe where ever you want. after unpack run
    serverinst.exe and change Servername and your e-mail. Start the following files one time:
    start_apache.cmd --> start apache as service mysql_start_as_service.cmd  --> dito for mysql
    mysql_first_start.cmd  --> start m....
  28. Shoutbox, Made Easy
    PHP+MySQL ShoutBox! Very simple... (17)
    Just create a PHP file named "kShoutBox.php" CODE /* ******************************
      kShoutBox 0.1 ****************************** */ /* ****************************************
    This ShoutBox script was created by Juan Karlo Aquino de Guzman DO NOT MODIFY THIS CODE AND
    DISTRIBUTING IT WITHOUT ANY PERMISSION. E-MAIL THE AUTHOR FIRST. Email: 01karlo@gmail.com DO NOT
    REMOVE THE "POWERED BY". FOR SUGGESTIONS, COMMENTS, ETC, SEND AN EMAIL TO 01karlo@gmail.com
    HOPE THAT YOU ENJOY THIS SCRIPT! MY FRIENDSTER: karlo@*BLEEP*it.com ***************....
  29. Clicks Counter
    With PHP + MySQL (1)
    Well, in this tut, I'll show you how to do an simple link counter, with only one count for each
    IP and the date when the link were clicked. Just remember, this is only one way to do it. First,
    create an mysql database called 'links', with 2 table: first table will be called
    'links', with the columns: id, title, ref and clicks. The other one will be 3 columns and
    will be called links_info: id, ip and date. Just remember that the columns 'id' of this
    second table IS NOT auto-increment. Here is the code of the file which will count the clicks, ....
  30. Complete Login System
    With PHP + MYSQL (57)
    Its an complete login sistem made and tested by me and I think itwill be very usefull for people who
    are tryn to learn PHP. First, let's make register.php: CODE include("conn.php"); //
    create a file with all the database connections if($do_register){ // if the submit button were
    clicked if((!$name) || (!$email) || (!$age) || (!$login) || (!$password) || (!$password2)){ print
    "You can't let any fields in blank.\n"; // if the user did not put some field exit; } $name =
    stripslashes($name); $email = stripslashes($email); $age = stripslashes($age); $login = s....

    1. Looking for check, referrer, prevent, linking, sites, check, referrer, php, mysql
Similar
Sql Injection, How To Do It, And How To Prevent It - NOT a hacking tutorial, learn how to secure PHP scripts
How To Download Any Flv Files From Any Sites
Best Way To Add Paypal To Mediawiki Sites
Getting Started With Mysql - creating tables and insert data into them.
Php Linking - One of the major advantages of PHP is the ability to create something
Adding Data To A Database And Displaying It Later - Using Forms, PHP and MySQL
Simple User System - php, mysql driven
Simple Shoutbox - PHP, MySQL driven..
Prevent People From Linking To Your Downloads
Cpanel Mysql Database Management - Part 2.1 Of My 7 Part Cpanel Tutorial
Starting Or Stopping Apache And Mysql Server Via Batch File
Download Videos From Sites & Convert It. - especially sites like youtube, google etc...
Quiz With Php, But Without Mysql
Installing Php + Mysql + Apache + Phpmyadmin On Windows Part 2 - Continue the last section which is installing phpMyadmin
Searching With Php And Mysql - The easy way :P
Getting Content To Blog About - Good for bloggers and content-rich sites
Install Php 5 To Work With Mysql
A Nice Mysql Server Check
How To Stop Image Hot Linking - for a selected directory.
Mysql Database Setup - tutorial walk through
[php] Prevent Copying A Template For Each New Page
Php Dynamic Signatures - Using the GD Module and MySQL
Backing Up And Restoring Mysql Databases
Excluding Your Site From Showing Up On Search Engines - Or how to prevent stalkers from finding your personal site.
Php/mysql Login/register - Tutorial for login with databases.
Complete Login And Registration System - doesn't use mysql!
How To Host Ur Own Site In 2 Mins Php+mysql Needed
Shoutbox, Made Easy - PHP+MySQL ShoutBox! Very simple...
Clicks Counter - With PHP + MySQL
Complete Login System - With PHP + MYSQL

Searching Video's for check, referrer, prevent, linking, sites, check, referrer, php, mysql
See Also,
advertisement


Check Referrer To Prevent Linking Yours From Other Sites - Check referrer with Php and Mysql

Affordable Web Hosting, Low cost Web Hosting - ComputingHost.com