I found a little bug in my code...
If someone uses a network traffic monitor like
"WildPackets EtherPeek"
and wants to see an image, he doesn't get the real image path.
But yesterday I used a new program to test my site for security risks and SQL and XSS injections, and this program found my real image path... I was not lucky... but OK... (the program was
"Acunetix Web Vulnerability Scanner")
So I decided to output the image as a server stream...
and I see it works better.

So no program can now get the real path...
New code to replace:
'############### get image begin
Code:
case "img"
    Err_Msg = ""
    ' FName has the form <Base64-encoded user folder>/<file name>
    FName = Request.QueryString("FName")
    if Instr(FName,"/") then
        UserFolder = Base64Decode(left(FName, Instr(FName,"/")-1))
        FileName = right(FName, len(FName)-Instr(FName,"/"))
        FilePath = Path & "\files\" & strFileSavePath & "\" & UserFolder & "\" & FileName
        ' Both parts come from the query string: refuse "..", path separators and ":"
        ' so the request cannot point outside the user's folder
        if Instr(UserFolder & FileName, "..") > 0 or Instr(UserFolder & FileName, "\") > 0 _
           or Instr(UserFolder & FileName, "/") > 0 or Instr(UserFolder & FileName, ":") > 0 then
            FilePath = ""   ' FileExists("") is False, so the request ends at not_found.jpg
        end if
        set fs=Server.CreateObject("Scripting.FileSystemObject")
        If fs.FileExists(FilePath) then
            Set objFile = fs.GetFile(FilePath)
            Response.Clear()
            Response.Expires=-1
            Response.Buffer = True
            ' Send the file as a download so the client never sees the path on disk
            Response.ContentType = "application/octet-stream"
            Response.AddHeader "content-disposition", "attachment;filename="&FileName
            Response.AddHeader "Content-Length", objFile.Size
            Response.AddHeader "Accept-Ranges","bytes"
            Response.Charset = "UTF-8"
            ' Read the file as binary (Type = 1) and write it to the response
            Set Stream = server.CreateObject("ADODB.Stream")
            Stream.Open
            Stream.Type = 1
            Stream.LoadFromFile FilePath
            Response.BinaryWrite Stream.Read()
            Response.Flush
            Stream.Close
            Set Stream = Nothing
            Set objFile = Nothing
            Set fs = Nothing
        else
            Response.Redirect ("../img/page/not_found.jpg")
        End If
    else
        Response.Redirect ("../img/page/not_found.jpg")
    End If
'############### get image end
By the way, the Snitz forum software passes the
"Acunetix Web Vulnerability Scanner" check. It shows 37 errors, but these errors are not a failure of the ASP code...
I think it's brilliant...
here it's pitch dark, and for all of them it's bright afternoon
