PHP hotlinking workaround

[monkey_05_06]

For those of us whose webhosts have disallowed hotlinking, but yet have PHP enabled, I've written up a simple script:

[code]<?php
  // file.php
  $err = "HIT THE GUY!"; // put your custom error message here
  $dir = "./";
  if (isset($_GET["file"])) {
    if ($_GET["file"] === $_SERVER["PHP_SELF"]) exit("Ha! Clever.");
    if (isset($_GET["dir"])) {
      $gdir = $_GET["dir"];
      $dir = ((($gdir[0] === ".") && ($gdir[1] === "/")) ? "" : "./");
      $dir .= $gdir . (($gdir[strlen($gdir) - 1] === "/") ? "" : "/");
      }
    if (!is_dir($dir)) $dir = "./";
    $file = $dir;
    $gfile = $_GET["file"];
    if (($gfile[0] === ".") && ($gfile[1] === "/")) {
      $gfile = explode("/", $gfile);
      $gfile = $gfile[sizeof($gfile) - 1];
      }
    $file .= $gfile;
    $ext_i = strrpos($file, ".");
    if ($ext_i === false) exit($err);
    $ext = substr($file, $ext_i + 1);
    if ((!is_readable($file)) || (!is_file($file))) exit($err);
    header("Content-length: " . filesize($gfile));
    if ((!strcasecmp($ext, "png")) || (!strcasecmp($ext, "gif"))) header("Content-type: image/" . strtolower($ext)); // display PNG and GIF images inline
    else if ((!strcasecmp($ext, "rar")) || (!strcasecmp($ext, "zip"))) header("Content-disposition: attachment; filename=\"" . $gfile . "\""); // download RAR and ZIP archives
    else if ((!strcasecmp($ext, "php")) || (!strcasecmp($ext, "htm")) || (!strcasecmp($ext, "html"))) { // redirect for PHP and HTML pages
      if (isset($_SERVER["HTTP_HOST"])) $host = $_SERVER["HTTP_HOST"];
      else $host = $_SERVER["SERVER_NAME"]; // this only applies on certain servers (such as my local testing server)
      header("Location: http://" . $host . substr($file, 1)); // redirect header requires a full path
      exit;
      }
    echo file_get_contents($file); // output the contents of the file, if not one of the above specified filetypes it will be printed as plain-text
    }
  else echo $err;
  ?>[/code]

If you upload that to your site as [color=green]file.php[/color] then you can create a link like [url=http://www.yoursite.com/file.php?dir=pictures&file=image001.png][color=green]http://www.yoursite.com/file.php?dir=pictures&file=image001.png[/color][/url] which would then load the PNG image as if you had linked to it directly (i.e., [url=http://www.yoursite.com/pictures/image001.png][color=green]http://www.yoursite.com/pictures/image001.png[/color][/url]).

If you pass a PHP or HTML file this script will automatically redirect (although this isn't necessary to by-pass hotlinking it makes more sense than trying to echo the contents of other files through this one (which could generate completely different results)).

RAR and ZIP archives will automatically be downloaded.

PNG and GIF images will be displayed inline as images.

Other than that adding new filetypes is fairly easy.

[size=1]I'm not entirely sure this is the right forum. If it's not I apologize to the mods for the trouble. ;)[/size]