Anti Leech Question

[Nunim]

Ok I have this script

<?PHP
include("inc/mine-types.php");
require("config.php");
ini_set('register_gloabls', 'On');
$file=$file;
if ($_GET[file]) {$file=$_GET[file];}
$url=parse_url(httpvar(HTTP_REFERER));
$file=rawurldecode($file);
if (!$file) {echo "<center><br>no filename entered. please use: <b>". httpvar(PHP_SELF) ."?file=file_you_want_to_download</b>";exit;}
if ($url[host]!="" && $url[host]!=$mydomain1 && $url[host]!=$mydomain2) {printfile($nohotlinking);exit;}
else {
if (ereg("$file",httpvar(PHP_SELF)) || ereg("$file", "config.php")) {print "<b><center>Nice try. but i dont think so<br>go hack something else ";exit;} 
global $ext;
$filename=$file;sendfile($filename);
}

function sendfile($filename) {
global $type,$dlpath,$nosupprtfile,$notexist,$ext,$dlspeed;
$file="$dlpath/$filename";
$ext=substr(strrchr($filename, '.'), 1);
$mtype=$type[$ext];
if ($mtype=="") {printfile($nosupprtfile);exit;}
if (!file_exists($file)) {printfile($notexist);exit;}
if(ini_get('zlib.output_compression')) {ini_set('zlib.output_compression', 'Off');}
flush();
$file_size = filesize($file);
$fp = fopen($file, 'r');
header('Expires: 0');
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Content-Type: $mtype");
header("Accept-Ranges: bytes");
#header("Content-Disposition: attachment; filename=\"" . $filename ."\"");
$user_agent = strtolower (httpvar(HTTP_USER_AGENT));
if ((is_integer (strpos($user_agent, "msie"))) && (is_integer (strpos($user_agent, "win")))) {
header( "Content-Disposition: filename=".basename($filename).";" );
} else {
header( "Content-Disposition: attachment; filename=".basename($filename).";");
}
header("Content-transfer-encoding: binary");
header("Content-Length: $file_size");
$speed="4096";
if ($dlspeed!=0) {$speed=round($dlspeed*1024);}
while (!feof($fp)) { 
echo(fread($fp, $speed)); 
if ($dlspeed!=0) {flush();sleep(1);}
} //end while
fclose ($fp);
exit; 
}


function printfile($file) {
global $mydomain1,$mydomain2,$admin,$adminemail;
global $filename,$ext;
if (!file_exists($file)) { print "can't open $file<br>does not exist";exit;}
$file_content = fread(fopen($file, "r"), filesize($file));
$wat=httpvar(HTTP_REFERER);
if ($wat == "") {$wat=httpvar(REMOTE_ADDR);} 
$file_content=ereg_replace("%referer","$wat", $file_content);
$file_content=ereg_replace("%mydomain1","$mydomain1", $file_content);
$file_content=ereg_replace("%mydomain2","$mydomain2", $file_content);
$file_content=ereg_replace("%admin","$admin", $file_content);
$file_content=ereg_replace("%emailadmin","$adminemail", $file_content);
$file_content=ereg_replace("%ext","$ext", $file_content);
$file_content=ereg_replace("%file","$filename", $file_content);
echo $file_content;
}

function httpvar($var) {
global $_SERVER,$HTTP_SERVER_VARS;

if (getenv($var)) {return getenv($var);}
elseif ($_SERVER[$var]) {return $_SERVER[$var];}
else {return $HTTP_SERVER_VARS[$var];}
}

?>

And the linking thing works but it allows people to go directly from the browser if they know the link. I need to stop this but I don't really know how HTTP_Referrer works. How would I change it? Thanks.

 

[adam_uk]

you can do anti leech with .htaccess if your server uses apache.

 

[mr-x]

ini_set('register_gloabls', 'On');

try globals instead of gloabls

Also you don't need this line if you replace httpvar with $_SERVER[], i.e $_SERVER['HTTP_REFERER'] & $_SERVER['REMOTE_ADDR']

If you are using Apache and can edit .htaccess, you can find recipes on google that will do this very cleanly with mod_rewrite.