vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   Modification Requests/Questions (Unpaid) (https://vborg.vbsupport.ru/forumdisplay.php?f=112)
-   -   Hidden Download URL? (https://vborg.vbsupport.ru/showthread.php?t=50486)

McDohl 03-20-2003 12:43 AM
Hidden Download URL?
 
Hey all,

I was hoping if someone could spare just a little of their time to help me out.

I'm currently using Erdem's Advanced File Archive 2.0 ( https://vborg.vbsupport.ru/showthrea...threadid=45454 ) and at the moment, I like it. Everything is working smoothly except one thing.

The download link actually shows the URL it will be downloading from.

Would there be any way that in the status bar (where it usually shows a small page with a blue "E" and done next to it when the page is done loading) it would hide the URL from viewing by anyone by showing any text at all in it's place? It's a massive bandwidth using site and so we can't afford people being able to view the URL and hotlinking to it, as we use enough bandwidth as it is.

Anyone who would be able to take up this simple thing will have my gratitude, as I am useless at hacks.

Many thanks,
Scott

Brad 03-20-2003 01:35 AM
McDohl, there is *always* a way around hidden urls. A better way to do it would be redirecting anyone not coming from your site to your main page. or show a error when someone comes from anthor site. I can look into for you if you cant do it yourself.

filburt1 03-20-2003 01:39 AM
Check the HTTP_REFERER in the download script, and if it's not from the correct page, reject the download. That is, except for the idiots who use "privacy" protection to block it, making us webmasters have to completely reinvent the wheel for antihotlinking and such.

McDohl 03-20-2003 01:44 AM
@Filburt1 - I wouldn't be able to do that if I tried. :P I'm a newbie webmaster, so i'm not too handy on the idea of that.

@Anime-loo - I'd love it if you would be able to look into that for me. I'd appreciate it very much. However, would it be much of a problem if the downloads I mentioned were hosted on another server not linked to my actual website?

Thank you both for your quick replies. :)

Brad 03-20-2003 01:57 AM
In files.php find:

PHP Code:
// #################### View File ###################

if ($action=="viewfile"){
        if ($bbuserinfo['usergroupid']=="1" or $f=="") {
                header("Location: files.php?action=error"); 
        }else{ 
Replace with: (make sure you change both the ***yoururl.com here*** with your domain)

PHP Code:
// #################### View File ###################

if ($action=="viewfile"){
        if ($bbuserinfo['usergroupid']=="1" or $f=="") {
                header("Location: files.php?action=error"); 
        } elseif 
                $loo_hack_url "yoururl.com here";
                $member_url parse_url($GLOBALS[HTTP_REFERER]);
                   if ($member_url[host]!="***yoururl.com here**) {
                     eval("standardredirect(\"".gettemplate("redirect_loo_badurl")."\",\"\$loo_hack_url\");");
                   } else { 
Make a new template named redirect_loo_badurl.

Populate it with:

PHP Code:
Hotlinking is a no no
I havent tested this, cause i dont use said hack, and its late, so if theres a error, yank it out and ill see whats wrong with it.

Erwin 03-20-2003 01:58 AM
No matter what you do, it would be impossible to hide the URL. You can use JS to hide it from the status bar, but so what? People can still view the source. :)

Best to use .htacess or some other server based method to block hotlinking.

McDohl 03-20-2003 02:31 AM
Ack, there was a slight error.

Quote:
Parse error: parse error, unexpected T_VARIABLE, expecting '(' in /home2/halfbloo/public_html/files.php on line 184
Also, where you have to put your URL...do you mean the actual domain of the site that is hosting the files in question or the site with the actual forum added? :confused:

I hope i'm not causing you too much trouble. :dead:

@Erwin - Currently trying to learn htaccess. ;)

McDohl 03-20-2003 03:29 PM
Oh wait, I made an error.

It works!

Thanks very much! I appreciate it! :)


All times are GMT. The time now is 08:15 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01101 seconds
  • Memory Usage 1,739KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (3)bbcode_php_printable
  • (1)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (8)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete