i made this simple code to prevent hotlinking my files from my php download file :
if ((strpos($_SERVER['HTTP_REFERER'],'www.domain.com')!==0)) {
$redirect='index.php';
header("Location: $redirect");
exit;
}
it's not working , it always redirect me to index.php even if i clicked the link inside my wbesite. i tried to change the domain to many types like :
http://www.domain.com
www.domain.com
domain.com
domain
but still the same problem
You actually want to use
!== FALSE
instead. The string could be at position0
. Also include zerkms' suggestion:Documentation: http://php.net/manual/en/function.strpos.php
i found the solution, i just made a compare between
HTTP_REFERER
and theHTTP_HOST
usingstrpos
, if they match that mean there is no hotlinking. the code :