i made this simple code to prevent hotlinking my files from my php download file :

if ((strpos($_SERVER['HTTP_REFERER'],'www.domain.com')!==0)) {
    $redirect='index.php';
    header("Location: $redirect");
    exit;
}

it's not working , it always redirect me to index.php even if i clicked the link inside my wbesite. i tried to change the domain to many types like :

http://www.domain.com
www.domain.com
domain.com
domain

but still the same problem

i found the solution, i just made a compare between HTTP_REFERER and the HTTP_HOST using strpos, if they match that mean there is no hotlinking. the code :

if($_SERVER['HTTP_REFERER'])
   {
      if(!strpos($_SERVER['HTTP_REFERER'],$_SERVER['HTTP_HOST']))
         {
            $redirect='index.php'; 
            header("Location: $redirect");
         }
   }

You actually want to use !== FALSE instead. The string could be at position 0. Also include zerkms' suggestion:

if (!empty($_SERVER['HTTP_REFERER']) && 
    (strpos($_SERVER['HTTP_REFERER'],'www.domain.com') !== FALSE)) {

Documentation: http://php.net/manual/en/function.strpos.php