Hotlink prevention script stopped working?

M

manintan13

New Member
Messages
6
Reaction score
0
Points
0
I have an anti-image-theft script that has been working for months, but when I uploaded it to the X10Hosting server, it quit working. I removed the "@" before the include() function, and commented out the content-type header to see the php error message, but there was only a single character: a question mark. I don't know what could be messed up. I've include()d and require()d things bellow the document root all though my site, and it has worked just fine. And the script shouldn't need a GD library, because it worked on a server that didn't have one. It worked with PHP4 & PHP5. Does anyone have any ideas?

PHP: 
<?php
//(c) http://0gb.us/

session_start();
header('Content-Type: image/png');
header('Cache-Control: public');
header('Pragma: public');
if(isset($_SESSION['REMOTE_ADDR']) && $_SESSION['REMOTE_ADDR'] == $_SERVER['REMOTE_ADDR'] && isset($_GET['png']) && !preg_match('"/"', $_GET['png']))
{ @include("{$_SERVER['DOCUMENT_ROOT']}/../../PNG/{$_GET['png']}.png"); }
else
{ include("{$_SERVER['DOCUMENT_ROOT']}/../../PNG/Hotink.png"); }
?>
 
descalzo

descalzo

Grim Squeaker
Community Support
Messages
9,373
Reaction score
326
Points
83
Step one would be to remove the @ from the @include. If you want to catch errors, don't suppress error reporting.

Step two would be $_SERVER['DOCUMENT_ROOT'] is /home/foo/public_html , where 'foo' is your cPanel username. If you placed your images in /home/foo/PNG , aren't you going up too many directories with /../../PNG/Hotink.png ?
 
M

manintan13

New Member
Messages
6
Reaction score
0
Points
0
Thanks for the help!

As I said in the first post, I did remove the "@". The only output is a single question mark. That is a copy of the original script. I used the document root as a reference point, because I didn't know where my home folder was in relation to the server's file system root. It worked in all my other scripts.

The reason for the double "../" is because the only place the CPanel would let me put the document root of an add-on domain was a subdirectory of the public_html directory. So, my document root is at "/home/foo/public_html/bar". Once this final script works again, I'll be using the domain from my old site.

I replaced "{$_SERVER['DOCUMENT_ROOT']}/../.." with "/home/foo" as you said, but I still don't get an error message. Now I don't even get a question mark, just a blank page. I'm at a loss.

The current script reads:
PHP: 
<?php
session_start();
//header('Content-Type: image/png');
header('Cache-Control: public');
header('Pragma: public');
if(isset($_SESSION['REMOTE_ADDR']) && $_SESSION['REMOTE_ADDR'] == $_SERVER['REMOTE_ADDR'] && isset($_GET['png']) && !preg_match('"/"', $_GET['png']))
//{ include("{$_SERVER['DOCUMENT_ROOT']}/../../PNG/{$_GET['png']}.png"); }
{ include("/home/manintan/PNG/{$_GET['png']}.png"); }
else
//{ include("{$_SERVER['DOCUMENT_ROOT']}/../../PNG/Hotink.png"); }
{ include('/home/manintan/PNG/Hotink.png'); }
?>
 
M

manintan13

New Member
Messages
6
Reaction score
0
Points
0
readfile()... readfile()...
Googleing ...
Checking php.net for correct usage ...
Implementing ...
...
... ...
Success! Seemingly random characters have been output to the browser! Now I just need to add the content-type header back into the code.

Thank you very much! You've really made my day.
 
You must log in or register to reply here.
Top