Snitz Forums 2000

Snitz Forums 2000

All Forums

Snitz Forums 2000 MOD-Group

MOD Add-On Forum (W/O Code)

anti leech for images

Note: You must be registered in order to post a reply.
To register, click here. Registration is FREE!
Before posting, make sure you have read this topic!

Screensize:

UserName:

Password:

Format Mode:

Format:

Message:

* HTML is OFF
* Forum Code is ON

Smilies

Check here to include your profile signature.

T O P I C R E V I E W
rasure	Posted - 29 April 2007 : 12:56:01 Does any know of an anti leach script that can be integrated in to the snitz forum primarily to stop hot linking of images and be able to replace the hot linked image with a custom image for example "this image has been hotlink from site name" Ideally I would like it to be able to work on subdirectories too, really for members photo gallery's. any help, advice would be appreciated.<
13 L A T E S T R E P L I E S (Newest First)
master01	Posted - 24 July 2007 : 03:36:18 why dont you try the following link to find what you are looking for forums.anti-leech.com<
rasure	Posted - 15 July 2007 : 04:05:31 I haven't forgot about this, just been very short on time. I'm off work for 2 weeks next week so will get stuck into it then. Many thanks.<
Sonic	Posted - 26 May 2007 : 08:06:59 i found a little bug in my code.... if someone use a network traffic monitor like "wildpaket etherpeek" and want to see a image he don't get the real image path but yesterday i used a new programm for testing my site for security risks and sql and xss injections and this prog find my real image path... i was not lucky... but ok.... (prog was "Acunetix Web Vulerability Scanner") so i decide to output the image as a server stream... and i see it works more fine so no program can now get the real path... new code to replace '############### get image beginn case "img" Err_Msg = "" FName = Request.QueryString("FName") if Instr(FName,"/") then UserFolder = Base64Decode(left(FName, Instr(FName,"/")-1)) FileName = right(FName, len(FName)-Instr(FName,"/")) FilePath = Path & "\files\" & strFileSavePath & "\" & UserFolder & "\" & FileName FName = Request.QueryString("FName") FileName = right(FName, len(FName)-Instr(FName,"/")) set fs=Server.CreateObject("Scripting.FileSystemObject") If fs.FileExists(FilePath) then Set objFile = fs.GetFile(FilePath) Response.Clear() Response.Expires=-1 Response.Buffer = True Response.ContentType = "application/octet-stream" Response.AddHeader "content-disposition", "attachment;filename="&FileName Response.AddHeader "Content-Length", objFile.Size Response.AddHeader "Accept-Ranges","bytes" Response.Charset = "UTF-8" Set Stream = server.CreateObject("ADODB.Stream") Stream.Open Stream.Type = 1 Stream.LoadFromFile FilePath Response.BinaryWrite Stream.Read() Response.Flush Stream.Close Set Stream = Nothing Set objFile = Nothing else Response.Redirect ("../img/page/not_found.jpg") End If else Response.Redirect ("../img/page/not_found.jpg") End If '############### get image end by the way snitz forum software passes the"Acunetix Web Vulerability Scanner" check it shows 37 errors but these errors are not a failure of the asp code... <
rasure	Posted - 13 May 2007 : 15:38:37 Many thanks Sonic, I will let you know how it all goes once I've implemented it, I haven't had a great deal of time lately, but I appreciate all your replies and suggestions<
Sonic	Posted - 09 May 2007 : 14:13:22 for the showing fotos use this: make a file called getfile.aspand insert this: <!--#INCLUDE FILE="config.asp" --> <!--#INCLUDE FILE="base64.asp"--> <% '############### site pass beginn If InStr(Request.ServerVariables("HTTP_REFERER"),"pop_photo_view.asp") or _ InStr(Request.ServerVariables("HTTP_REFERER"),"photo_album_view.asp") then '############### site pass end select case Request.QueryString("view") '############### get image beginn case "img" FName = Request.QueryString("FName") if Instr(FName,"/") then UserFolder = Base64Decode(left(FName, Instr(FName,"/")-1)) FileName = right(FName, len(FName)-Instr(FName,"/")) Response.Redirect ("../uploaded/" & UserFolder & "/" & FileName & "") else Response.Redirect ("../img/page/not_found.jpg") end if '############### get image end '############### leacher beginn case else Response.Redirect ("../img/page/leacher.jpg") end select else Response.Redirect ("../img/page/leacher.jpg")end If '############### leacher end %> check the file pathes for your files (red marked) ========================================== make a file called base64.aspand insert this: <% Const Base64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789~_" Function Base64Encode(inData) Dim cOut, sOut, I For I = 1 To Len(inData) Step 3 Dim nGroup, pOut, sGroup nGroup = &H10000 * Asc(Mid(inData, I, 1)) + _ &H100 * MyASC(Mid(inData, I + 1, 1)) + MyASC(Mid(inData, I + 2, 1)) nGroup = Oct(nGroup) nGroup = String(8 - Len(nGroup), "0") & nGroup pOut = Mid(Base64, CLng("&o" & Mid(nGroup, 1, 2)) + 1, 1) + _ Mid(Base64, CLng("&o" & Mid(nGroup, 3, 2)) + 1, 1) + _ Mid(Base64, CLng("&o" & Mid(nGroup, 5, 2)) + 1, 1) + _ Mid(Base64, CLng("&o" & Mid(nGroup, 7, 2)) + 1, 1) sOut = sOut + pOut Next Select Case Len(inData) Mod 3 Case 1: '8 bit final sOut = Left(sOut, Len(sOut) - 2) + "--" Case 2: '16 bit final sOut = Left(sOut, Len(sOut) - 1) + "-" End Select Base64Encode = sOut End Function Function MyASC(OneChar) If OneChar = "" Then MyASC = 0 Else MyASC = Asc(OneChar) End Function Function Base64Decode(ByVal base64String) Dim dataLength, sOut, groupBegin base64String = Replace(base64String, vbCrLf, "") base64String = Replace(base64String, vbTab, "") base64String = Replace(base64String, " ", "") dataLength = Len(base64String) If dataLength Mod 4 <> 0 Then Err.Raise 1, "Base64Decode", "Bad Base64 string." Exit Function End If For groupBegin = 1 To dataLength Step 4 Dim numDataBytes, CharCounter, thisChar, thisData, nGroup, pOut numDataBytes = 3 nGroup = 0 For CharCounter = 0 To 3 thisChar = Mid(base64String, groupBegin + CharCounter, 1) If thisChar = "-" Then numDataBytes = numDataBytes - 1 thisData = 0 Else thisData = InStr(1, Base64, thisChar, vbBinaryCompare) - 1 End If If thisData = -1 Then Err.Raise 2, "Base64Decode", "Bad character In Base64 string." Exit Function End If nGroup = 64 * nGroup + thisData Next nGroup = Hex(nGroup) nGroup = String(6 - Len(nGroup), "0") & nGroup pOut = Chr(CByte("&H" & Mid(nGroup, 1, 2))) + _ Chr(CByte("&H" & Mid(nGroup, 3, 2))) + _ Chr(CByte("&H" & Mid(nGroup, 5, 2))) sOut = sOut & Left(pOut, numDataBytes) Next Base64Decode = sOut End Function %> i use it to encode the member id so it is not so easy to decode the real folder of a file. further i use a "file_save_path" (a another folder) so the real path of a file looks like this http://192.168.0.9/files/ds9f7sda9f70asd5chu/1/file.txt ========================================== on the page you want to see the image include the base 64 for encode the "member folder" and replace the <img ....... > tag with the "getfile.asp......" tag to show the image only if you come from a page witch are allowed to show the image e.g. <!--#INCLUDE FILE="base64.asp"--> <img name='img' src="getfile.asp?view=img&FName=<% = Base64Encode(M_Name) %>/image_file_name.jpg> <
rasure	Posted - 07 May 2007 : 16:37:59 Sorry for not replying sooner I've been busy. Many thanks for all your replies, I will have a closer look when I get home tomorrow, thanks once again Sonic, at a quick look the only problem I can see with it being used for a members gallery are the folders names for all members "folder_with_stored_images" since images are stored in individual folder names for each member ie /uploaded/rasure/ for my member name. Unfortunately I don't have access to the server for DLL files<
Jezmeister	Posted - 30 April 2007 : 18:29:47 All the same, I think the same advice should apply here as did for a fair while until the referer mod was incorporated into the main release... if any users have problems and complain tell them to "stop using crap software" or words to that effect anyway <
HuwR	Posted - 30 April 2007 : 07:02:04 see my post above yours for cautions on using such scripts<
Sonic	Posted - 30 April 2007 : 06:59:36 here is a light version of my anti leach script i use... (i use it for the file attachment, picture album, images and downloads) - it is the light version only for images make a new file called: getfile.asp store these lines in it: <% If InStr(Request.ServerVariables("HTTP_REFERER"),"topic.asp") or _ InStr(Request.ServerVariables("HTTP_REFERER"),"pop_preview.asp") or _ InStr(Request.ServerVariables("HTTP_REFERER"),"post.asp") then FileName = Request.QueryString("FName") Response.Redirect ("../img/folder_with_stored_images/" & FileName & "") else Response.Redirect ("../img/leacher.jpg") end if %> and place the img tag to where you need: <img src="getfile.asp?FName=imagetoshow.jpg"> if somebody view e.g. the topic page the image will displayed if somebody copy the url he will get the leacher image... ========================================================= if somebody like to have the full version of the antileacher mod (not published yet!) let me know <
HuwR	Posted - 30 April 2007 : 06:54:34 unfortunate problem is that to work effectively it usese the http referrer which as we all know to well nasty programs like Norton don't transmit, so you may end up hiding your images from your own users<
pdrg	Posted - 30 April 2007 : 06:50:47 What a great find!<
Podge	Posted - 29 April 2007 : 14:59:39 Free dll - http://www.michaelbrumm.com/leechblocker.html<
HuwR	Posted - 29 April 2007 : 13:58:38 the only way to do this effectively is either using a .net httphandler or an isapi dll<

Snitz Forums 2000

This page was generated in 0.05 seconds.