Anti Leech PHP Download

[fukachu]

Hey everyone,

just wondering can any1 help me out with this.. im trying to protect downloads on my site so people cant easily (without a download manager) get the url of my files. i want people to visit my site rather then download from links all over the net.

i have only got 1 script to work out of the many i have tried. that being Download Lite 1.4 www.stadtaus.com but that puts that persons url in the download file as an advertisment and i cant find a way to remove that. so im back to square one. needing to find a script.

i have no ability in php at all, otherwise i wouldnt be asking i guess. can some1 help me out. i have sspent probably 24hours of total time jsut sitting here installing different scripts and getting nowhere, so many tried so many failed and its frustrating.

if some1 knows a good script and can help me through getting it working on my site i would really appreciate it.

cheers

Fizical

[john smith 1924 Veteran]

If you have cpanel installed on your host, there's a good script in that that works really well - i think we use it here, and i've put it on some other sites i've setup.

[fukachu]

thanks for your reply mr magoo,

from the website it appears the hosting service should supply this for me to use it, not something i can add myself, is that correct? because if so then im reasonably sure my hsot doesnt ahve anything.. the scripts they have in their management section are pretty useless, 2 i think in total. i got this host to start off because they are well prices and 100gb bandwidth is enough for starting for me.

thanks in advance for any help that comes my way :)

[Fr0stbite1]

theres definitly some good ones on www.hotscripts.com, cant remember any exact urls though sry

[_Dom_]

you want to find a script that has download.php?id=532

[Colin-uk Veteran]

i think you have to use .htacess for it, im not sure if PHP can do this by itself...?

[fukachu]

yes i want a script like that _Dom_

@ Fr0stbite1 i tried many of them at php Resrouces site which has a lot and a few from another script site but for some reason i couldnt get any right.. maybe im doing something wrong in the instructions i dont know.

there was one called download protector which seemed good because if some1 got the link to the download from another site they would get directed to whatever page i liked, so i could put up a page saying they havent accessed the download from my site adn then direct them to my sites homepage.

however whenever i set the allowed urls nothing would work so it would keep taking me back to my homepage rather then allow me to download. im sure i followed the instructions correctly but i must be doing something wrong.

so if some1 knows a script and is willing to help me out to get it working, which can be done right ehre in this topic, i would appreciate it... atleast if some1 knows the script im using they can help find what im doing wrong. so yeah whatever script you think is good then let me know and please help me through getting it working.

thank you a lot!

[cMendoza]

a fairly easy solution to that would be to use the $_GET('id') function in your page "download.php" and then call a mysql table that would have the actual url saved in correllation with the id, get the url, save it in a string and call it,.

I just picked up PHP yesterday though, so there may be an easier way

[Harsh!]

May I ask what all the fuss is about anti-leeching? Having never hosted anything like what the original poster does, i have no idea what the fuss is all about.

Some people just want to download stuff, and not have to go through all the hassel (in some cases) of signing up on a website, trolling through all the crap on the site etc...just to download what they want

What am i missing??

[fukachu]

@blindsleeper you went right over my head with that talk, lol. sorry but im total n00b at this..

@ Harsh! my site will consist of about 4 pages in total.. tehre isnt much to go through,

a news page, an msn skin download page a guireplacer module download page and a contact page.

i want people to visit my site so they know who to contact with problems.. they can comment on the download with problems or praise if they wish, the commetn system etc is already working. also i want people to know what else i have released.

and another things is that i will have some files 10mb in size and with 100gb bandwidth i cant have everyone getting the files from me all over the net and i will direct them to a deviantart mirror if i've used up too much bandwidth on that file.

im planning on have 3 msn skins ready in the near future and the snowe2 guir module and that will take a bit of bandwidth.. Rolando who makes msn skins has pretty small files really yet he uses 80gb or so a month.. so if a download is put down and a mirror is put up people will know because they visited my site and found out this information.

with the guir modules its important people can contact me ebcause if things go wrong their system could be stuffed and not able to start. there will be no registering needed or anything like that. i think its rpetty hassle free myself.

[GatorV]

Have a look at here:

http://www.hotscripts.com/PHP/Scripts_and_...tems/index.html

basically what you do is check the referrer to see if it's from your site, then look for the correct URL in a Database, calculate filesize and send the headers to the browser then read your file and echo it in parts, that will give you a antileech download :cool:

[fukachu]

i have tried quite i few of the scripts there.. my hsitory shows i've browsed the first 4 or 5 pages there.. i've tried the ones that seem to match my needs but couldnt get them working... i guess in a summary this is what i would like:

hide actual location

no need for mysql, although i have that on my server

no download center or anything like that.. i want freedom of simply pointing the link on my download page to say download.php?id=1

i think on top of that a nice feature would be to be able to limit toal bandwidth used.. or atleast keep track of it in the file on my server that only i can access. but this isnt that important but would be nice.

so far quite a lot of scripts seem to do what i want but i cant get them working.

http://www.hotscripts.com/Detailed/9194.html that is the script i have tried most recently.. but it kepts taking me back to my home page then letting me download the file.

if some1 can look over the script and i send them my download.php file maybe they can solve the problem for me. thanks a lot :)

[dnast]

To have a bandwidth limit, you'd need a login system. Otherwise you'd have to go by ip or cookies. Tracking ip addresses you would end up allowing only one person from a dorm/school/etc. to reach the limit and cookies can be easily deleted.

And if you had a login system, you wouldn't have a leech problem to worry about. I'm just not sure there will be enough on the site that people will want to spend time signing up for.

[fukachu]

well from the description of this scripts i have seen, mostly pay for ones do it best, you dont need people logging in to have a bandwidth limit.. because it would calculate the downloads from the site, add them up adn when it reaches the limit of your bandwidth you set then it stops downloads from being allowed... there are many scripts i ahve seen that will count your downloads.. so i cant see why you would need a login system for end users..

anyway thats not the important aspect i want.. that is just something that would be nice. i would simple like some help so if any1 is willing to help with the scripts i linked to in my above post.. then i can post my php file and they can see what im doing wrong. :) or alternatively help me with a script they use on their own site that they are familiar with, anything would be great.

[Techy_]

heres a small script i wrote a few weeks ago: http://www.hfbgaming.com/~hitech/image.php.txt

it would take input like 'image.php?file=whatever' the whatever would be the filename without the .jpg and all you have to do it put in a folder that you dont make public and set it in the file

also just change the referer to your site

hope this helps :)

edit: heres what it would look like (click it and copy and paste it into a new window to see the effects): http://www.hfbgaming.com/~hitech/imagenw.php?file=test

and here is the src: http://www.hfbgaming.com/~hitech/imagenw.php.txt

Edited February 14, 2005 by hitechoutlaw

[dnast]

I thought you meant a limit for individuals downloading from you :)

That last script you posted looks like it expects you to already have the "?id=" part set up, and just checks for the referer and redirects users based on that. But lets see what you've got right now.

Edit: didn't see hitech's post. My reply was to Fizical. That code looks short and to the point, though. Only a couple changed needed.

[Techy_]

That code looks short and to the point, though. Only a couple changed needed.

585467219[/snapback]

are you refering to my code? if so, what needs to be changed? i'm still in the learning stages of PHP

[dnast]

There's nothing wrong with your code. He's just not serving .jpg files is all.

[fukachu]

so what do i need to change to that script to make it allow other formats.. eg *.exe, *.rar *.zip most of my files will be *.exe

then i will give this a script a go and see how it works :) thanks everyone for the help so far its been great to see so many reply :)

[blackice912 Veteran]

Two good links:

STOP HOTLINKING AND BANDWIDTH THEFT WITH HTACCESS

PHP.net - Header

Using both together should get you want you need, from what I can tell after reading this thread.

Or just edit the other guys:

<?php
	$referer = explode('/',$_SERVER['HTTP_REFERER']);
	$filename = "./some_folder/".$_REQUEST['file'].".jpg";
	if ($referer[2] == "s6.invisionfree.com" && $referer[3] == "Scream_Radio" ) {
  header("Cache-Control: no-store, no-cache");
  header("Content-Type: application/octet-stream");
  header("Content-Disposition: attachment; filename=$filename");
  readfile($filename);
	} else {
  echo "You are not allowed to hotlink this image.";
	}
?>

Note: Still needs work (more code added) to it, but that's the jist of things.

[Techy_]

There's nothing wrong with your code. He's just not serving .jpg files is all.

585467281[/snapback]

ahh ok, i must have missed that part in his posts

so what do i need to change to that script to make it allow other formats.. eg *.exe, *.rar *.zip? most of my files will be *.exe

then i will give this a script a go and see how it works:))? thanks everyone for the help so far its been great to see so many repl:):)

585468526[/snapback]

it doesnt work but i have to get to school and dont have to work on it but its a start.

http://www.hfbgaming.com/~hitech/test.php?...st.exe&type=exe

http://www.hfbgaming.com/~hitech/test.php.txt

http://us2.php.net/manual/en/function.header.php for more info

edit: heh was typing when blackice posted

[King Raa]

off topic but your website (fizcals) looks really, i dunno, profesional or like, just good... (clicked on ur sig)

though from the content i saw i dunno wtf its about... gui replacer? just thought i'd say gj.

[fukachu]

@ King Raa i havent given any1 the URL to my website yet...

the link in my sig goes to DeviantArt and the other one goes to Modblog a blogging service.

Search the customizing sectiong of this forum for information of GUIReplacer.. bascially its like a shell pack program but it handles themes and i make the themes for it.. easier then updating shell packs all the time.. cause works on all windows xp systems and languages.

Now back on topic....

going from blackice's first link.. it i was to change the code like this:

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(www\.)?example\.com/ [NC
RewriteCond %{HTTP_REFERER} !^$
RewriteRule \.(exe|rar|zip|cab)$ images/nohotlink.jpg [L] 

and obviously changed the url.. would that work? i looked around my site directories and couldnt find an .htaccess file.. but as im at work i was jsut using my browser to look at my ftp.

so lets say i dont have one.. would i:

make one and place it in my /www/ folder?

my server is a unix server and my files are stored in /www/files/

and obviously my website is stored in /www/

i'll have a look over at the php header page in my lunch break..

EDIT i just looked and saw you cant redirect to html files from .htaccess so this probably wouldnt be a good solution because people wouldnt know where to go from there would they? i guess i could always do an image with my site address in it.

Edited February 14, 2005 by Fizical

[fukachu]

http://www.htmlbasix.com/disablehotlinking.shtml

that stopped linknig to my file following the instructions there.. however if i enter the link directly into my browser it will still download. so people can just copy and past the link into their browser... this is good progress but i still would like it to not be able to download copy and paste because i want people to visit my site.. so is there a way that works

[dnast]

Did you check the box that says "Block blank referrers"?

Nice find, BTW!

[fukachu]

no i didnt because i thought that would block people behind firewalls? is that true? i dont mind blocking downlaod managers but if it blocks people behind firewalls then a few people might not be happy.