Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > General > Member Archives
Reload this Page Using REFERER in Avatar 2.0 PIC.PHP so people can't Leech
FAQ Members List Calendar Search Today's Posts Mark Forums Read
Details »»

Version: , by (Guest)
Developer Last Online: Jan 1970 Show Printable Version Email this Page
Version: Unknown Rating:
Released: 01-17-2001 Last Update: Never Installs: 0
 
No support by the author.

Hello,

I recently found out that people could use my server as a file server for their custom avatars. I wnated to add a refferer to it so that the pic.php script would only output the correct image if it was called from my site...if not I want it to post a broken image to save on bandwidth.

I can't use the mod_rewrite thing that Eva2000 suggested on this because the custom avatars are stored in the database.

I have over 10,000 members and I know for a fact that many of them do this.

Can someone please help me to write the refferer code into the pic.php code below:
Code:
<?php
require("global.php");

  if (isset($id) && $id != "") 
{ 
$temp = $id; 
settype($temp,"integer"); 
if (strval($temp) == $id) 
{ 
$image = $DB_site->query_first("SELECT filename,bin_data,filetype from custom_avatar where userid = $id"); 
} 
} 
  
if($image)
{
   $filename = $image[filename];
   $data = $image[bin_data];
   $type = $image[filetype];
   Header ( "Content-disposition: filename=".$filename);
   Header("Content-type: $type");
   echo $data;
}
?>
Here is the output of http://forums.paintballcity.net/pic.php?id=8077


Thanks.

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #2  
Old 01-19-2001, 07:31 AM
Guest
  
Posts: n/a
Default
* up *
Reply With Quote
  #3  
Old 01-20-2001, 01:49 AM
Guest
  
Posts: n/a
Default
supposedly a "deny from *ipaddress*" in .htaccess is supposed to stop images from the *ipaddress* from displaying the images.

Unfortunately, while it worked for me in some cases, it hasn't worked lately by a site that instructed their users to visit us and steal our smilies!

If anyone has the right way to make it work in .htaccess that might solve your problem (and mine).
Reply With Quote
  #4  
Old 01-20-2001, 06:18 AM
Guest
  
Posts: n/a
Default
I use the following .htaccess in all of my image directories so that one can hotlink my images. I'm not sure if it works on all servers, but it always works on mine (Apache/Linux). Do not serve html files from a directory with this .htaccess in it because any referrals from a URL other than yours (search engine, etc) will be blocked. Just use it in your image directories:

-----

RewriteEngine On

RewriteCond %{HTTP_REFERER} !^http://([a-z0-9-]+\.)*yourdomain.com/ [NC]

RewriteRule /* http://%{HTTP_HOST}/ [R,L]

-----
Reply With Quote
  #5  
Old 01-22-2001, 06:12 AM
Guest
  
Posts: n/a
Default
The custom avatars are stored in the database for "freddie's" hack. So that does me no good.

Any one else have an idea?
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 07:16 PM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.03675 seconds
  • Memory Usage 2,218KB
  • Queries Executed 18 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)bbcode_code
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (5)post_thanks_box
  • (5)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (5)post_thanks_postbit_info
  • (4)postbit
  • (5)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete