Old 08-30-2006, 01:04 PM  
borked
Totally Borked
Join Date: Feb 2005
Posts: 6,284
Quote:
Originally Posted by Broda
This is the solution I would suggest.

All that nonsense about constantly renaming your folders, and redirecting non-ref-url traffic.. do any of you guys discussing this actually submit free sites or galleries? jeeez....
just in case anyone was going to try and implement this, don't just do it blindly - for eg in my example, you're passing a GET variable directly to mysql which is always a bad idea....
so at least replace
Code:
$query="SELECT mime, file FROM images WHERE id=".$_GET["id"];
with

Code:
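// the escaped value must also be quoted: escaping alone does not protect an unquoted numeric context
$query="SELECT mime, file FROM images WHERE id='".mysql_real_escape_string($_GET["id"])."'";
Don't want to be opening up a security hole there now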
__________________

For coding work - hit me up on andy // borkedcoder // com
(consider figuring out the email as test #1)



All models are wrong, but some are useful. George E.P. Box. p202
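Added example, not part of the post above: the same `images` lookup with the id validated as an integer and passed as a bound parameter, next to the concatenated form for contrast. It assumes PHP with the pdo_sqlite extension, uses an in-memory SQLite table as a stand-in for the MySQL one, and `fetchImage` is a hypothetical helper name.

```php
<?php
// Added example. Assumes pdo_sqlite; in-memory SQLite stands in for MySQL.

// Hypothetical helper: look up one image by id without building SQL from input.
function fetchImage(PDO $db, $rawId): ?array
{
    // Accept only a positive integer; everything else is rejected up front.
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return null;
    }
    // The id is sent as a bound parameter, never as part of the SQL text.
    $stmt = $db->prepare('SELECT mime, file FROM images WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE images (id INTEGER PRIMARY KEY, mime TEXT, file TEXT)');
// Constructed sample rows.
$db->exec("INSERT INTO images (mime, file) VALUES ('image/jpeg', 'a.jpg'), ('image/png', 'b.png')");

// Constructed inputs, as they might arrive in $_GET["id"].
$inputs = ['2', '1 OR 1=1', '', '2abc', '-5'];
foreach ($inputs as $raw) {
    $row = fetchImage($db, $raw);
    printf("%-12s => %s\n", var_export($raw, true), $row ? $row['file'] : 'rejected');
}

// Contrast: the concatenated, unquoted form treats the input as SQL.
// This input has no quote or backslash characters, so string escaping
// would leave it unchanged; only quoting, casting or binding helps.
$raw = '1 OR 1=1';
$unsafe = 'SELECT mime, file FROM images WHERE id=' . $raw;
$rows = $db->query($unsafe)->fetchAll(PDO::FETCH_ASSOC);
printf("concatenated query returned %d rows for %s\n", count($rows), var_export($raw, true));
```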