Check referrer - PHP & MySQL tutorial
- Added: Jul 3rd, 2006
- Level: Medium
- Author: Melfina
- Reads: 25,506
- Description: Avoid direct-linking to your download pages with a simple code.
I've recently found some people that are listing the textures or brush sets at Celestial Star and linking directly to the download url (those that are like brushes.php?id=0), which is a .php to count the number of downloads. To prevent this, I added a piece of code to the download pages that checks which page referred them to the download page: if it's my domain, it downloads the file normally, if it's not, it will redirect to my home page instead.
Important: Not all browsers log referrers, so this won't work depending on the browser the visitor uses and this method can be also bypassed, but it will work for for the major part of visitors.
<?php
$yoursite = "yoursite.com"; //Your site url without http://
$yoursite2 = "www.yoursite.com"; //Type your domain with www. this time
$referer = $_SERVER['HTTP_REFERER'];
//Check if browser sends referrer url or not
if ($referer == "") //If not, set referrer as your domain
$domain = $yoursite;
else
$domain = parse_url($referer); //If yes, parse referrer
if($domain['host'] == $yoursite || $domain['host'] == $yoursite2) {
//Run your dowloading code here normally
} else {
//The referrer is not your site, we redirect to your home page
header("Location: http://yoursite.com");
exit(); //Stop running the script
} ?>
That's all :) I hope you find it useful. If you have any question, feel free to ask at the forum.
If you like this tutorial why not 
digg it or 
add to del.icio.us?
Tutorial © Melfina. Do not reproduce in any way without previous permission from the author.