Go Back   vb.org Archive > Community Discussions > Modification Requests/Questions (Unpaid)
Reload this Page Hot linking blocking in attatchment.php?
FAQ Members List Calendar Search Today's Posts Mark Forums Read
  #1  
Old 06-30-2004, 03:12 AM
krohnathlonman krohnathlonman is offline
 
Join Date: Feb 2004
Posts: 157
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Hot linking blocking in attatchment.php?
I've been thinking about looking into this... If anybodies already done it please hook me up with it I've been using the VB attatchment system for all of my articles and now the article images are getting hotlinked fairly often.
Reply With Quote
  #2  
Old 06-30-2004, 03:45 AM
Zachery's Avatar
Zachery Zachery is offline
 
Join Date: Jul 2002
Location: Ontario, Canada
Posts: 11,440
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by krohnathlonman
I've been thinking about looking into this... If anybodies already done it please hook me up with it I've been using the VB attatchment system for all of my articles and now the article images are getting hotlinked fairly often.
I think the simpilest thing to do is not allow guests to view attachments
Reply With Quote
  #3  
Old 07-06-2004, 03:48 AM
alan92rttt alan92rttt is offline
 
Join Date: Oct 2002
Posts: 20
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
PHP Code:
$url=parse_url($HTTP_REFERER);
if(!empty($url["host"])&&strpos($url["host"],'vbulletin.org')==0){
    echo "Error 500-invalid server call - ".$url["host"]." - Remote linking Denied";
    exit;

Just change vbulletin.org to your site.

This only works of the browser is providing referer.

Then echo can be totally removed.
Reply With Quote
  #4  
Old 07-06-2004, 03:52 AM
Andreas's Avatar
Andreas Andreas is offline
 
Join Date: Jan 2004
Location: Germany
Posts: 6,863
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
@alan92rttt
This will not work, as the user can set the referrer to any value he wants.
Reply With Quote
  #5  
Old 07-06-2004, 03:56 AM
Jolten Jolten is offline
 
Join Date: Mar 2004
Posts: 749
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by Zachery
I think the simpilest thing to do is not allow guests to view attachments
True.. but not always possible. My site is geared towards guests seeing images, letting them hot link is another matter.

.htaccess does a pretty good job though.
Reply With Quote
  #6  
Old 07-06-2004, 06:19 AM
dstruct2k's Avatar
dstruct2k dstruct2k is offline
 
Join Date: Dec 2002
Location: Winnipeg
Posts: 318
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by KirbyDE
@alan92rttt
This will not work, as the user can set the referrer to any value he wants.
How desperate are people getting if they're altering their referrer just to see one image?
Reply With Quote
  #7  
Old 07-08-2004, 01:58 AM
eoc_Jason's Avatar
eoc_Jason eoc_Jason is offline
 
Join Date: Dec 2001
Location: Houston, TX
Posts: 493
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Using a .htaccess file to prevent hotlinking works on the same principle as the code posted above. Because of the session-less design of HTTP, there are really only 2 ways you can prevent hotlinking. 1 - referrer url or 2 - user authentication.
Reply With Quote
  #8  
Old 09-28-2004, 08:39 PM
JBMoney JBMoney is offline
 
Join Date: Feb 2002
Posts: 109
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
.htaccess won't protect attachments though, will it? It won't keep someone from using a img src tag to post an attachment from your Forum to where ever they want to. How can that be done?
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 01:52 AM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04025 seconds
  • Memory Usage 2,227KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)bbcode_php
  • (3)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (8)post_thanks_box
  • (8)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (8)post_thanks_postbit_info
  • (8)postbit
  • (8)postbit_onlinestatus
  • (8)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete