Note that it really does not matter that anyone can see the name of your image file - they can't access it directly since it's hidden in some unknown subdirectory that only the PHP script knows about. If you want to use a JPEG file named "award.jpg", just put it in your new image directory and call it with the IMAGE SRC tag with The PHP script can handle GIF, JPG and PNG image files. Don't bother to try to use any other type of file - the built-in function it uses to detect the file type may not be able to determine its type correctly. ----------------------------------------------------- showImageGuard (PHP version) 1.01 Copyright 2000-2003 by Christopher Heng. All rights reserved. Visit http://www.thesitewizard.com/ for the latest version of this script. You can also contact me through the online form on the website. I. LICENCE TERMS 1. You may use this script on your website, with or without modifications, free of charge. 2. You may NOT redistribute this script, whether modified or not. The script is meant for your personal use on your website, and can only be distributed by the author, Christopher Heng. 3. THE SCRIPT AND ITS DOCUMENTATION ARE PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, NOT EVEN THE IMPLIED WARRANTY OF MECHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. YOU AGREE TO BEAR ALL RISKS AND LIABILITIES ARISING FROM THE USE OF THE SCRIPT, ITS DOCUMENTATION AND THE INFORMATION PROVIDED BY THE SCRIPTS AND THE DOCUMENTATION. If you cannot agree to any of the above conditions, you may not use the script. Although it is NOT required, I would be most grateful if you could also link to us at: http://www.thesitewizard.com/ II. INSTALLATION AND CONFIGURATION INSTRUCTIONS Instructions for installing and configuring the script can be found at: http://www.thesitewizard.com/ Look for the article "How to Protect Your Images from Bandwidth Thieves". III. SUPPORT There is none. You got it without paying a cent, remember? If you beg very politely, I may answer :-) - but there's no guarantee of that. Officially, there's no support. You're better off trying to read the article and following its instructions. It's much faster. IV. CONTACTING THE AUTHOR (BUG REPORTS, LICENSING QUESTIONS) Please use the feedback form on the website: http://www.thesitewizard.com/feedback.php V. WANT MORE SCRIPTS AND OTHER USEFUL WEBMASTER INFORMATION? Sign up for thesitewizard newsletter. It's free. To subscribe, send an email (blank or otherwise) to: subscribe@thesitewizard.com Or use the online form at: http://www.thesitewizard.com/ Note that the above email address is attached to a mailing list program, which will process your subscription request automatically. Do not send any email to me there - there are no humans at that email address and your message will not reach me. Use the feedback form at the site instead. */ // ---------------- CONFIGURABLE SECTION ----------------- // Please modify the following or it will not work on // your website. // Where did you actually put your images? // Make sure that the path you put below ends with // a directory slash ("/"). The script below assumes it. $imagedir = "./fotos/ebay_300/" ; // What are the websites (hostnames) that can use this image? // If your site can be accessed with or without the "www" prefix, make sure you put both here. Do not put // any trailing slashes ("/") nor any "http://" prefixes. // Follow the example below. $validprefixes = array ( "faz.net", "google.de", "google.com", "translate.googleusercontent.com", "images.google.com", "cgi.ebay.ch", "ebay.ch", "www.ebay.ch", "vi.ebaydesc.ch", "bulksell.ebay.de", "ebay.de", "www.ebay.de", "previewitem.ebay.de", "vi.ebaydesc.de", "thumbs.ebaystatic.com", "ebaystatic.com", "ebaydesc.com", "vi.ebaydesc.com", "vi.vipr.ebaydesc.com", "vi.raptor.ebaydesc.de", "vi.ebaydesc.at", "cgi.ebay.at", "cgi1.ebay.at", "cgi2.ebay.at", "cgi3.ebay.at", "cgi4.ebay.at", "cgi5.ebay.at", "cgi6.ebay.at", "cgi7.ebay.at", "ebaydesc.at", "cgi.ebay.de", "cgi1.ebay.de", "cgi2.ebay.de", "cgi4.ebay.de", "cgi5.ebay.de", "cgi6.ebay.de", "cgi7.ebay.de", "rewards.ebay.de", "ebaydesc.de", "ebay.com", "www.ebay.com", "cgi.ebay.com", "i.ebayimg.com", "ebay.ch", "cgi.ebay.ch", "ebayrtm.com", "ebaystatic.com", "rtm.ebaystatic.com", "www.rk-stegplatten.de", "rk-stegplatten.de", ) ; // What is the main page of your website? // Visitors will be directed here if they type "http://www.yourdomain.com/chimage.php" in their browser. $homepage = "http://www.rk-stegplatten.de/" ; // What is your email address? // If you want to be informed when someone tries to use this script to access an image illegitimately, you // must uncomment (remove the "//" prefix) the following line and change it to point to your email address. $email = "rk_marketing_300@4yv.de" ; // ------------ END OF CONFIGURABLE SECTION ------------ // --- YOU NEED NOT MODIFY ANYTHING AFTER THIS LINE --- function isreferrerokay ( $referrer, $validprefixes ) { $validreferrer = 0 ; $authreferrer = current( $validprefixes ); while ($authreferrer) { if (eregi( "^https?://$authreferrer/", $referrer )) { $validreferrer = 1 ; break ; } $authreferrer = next( $validprefixes ); } // echo $validreferrer; return $validreferrer ; } //----------------------- main program ----------------------- $image = $_GET['image'] ; $referrer = getenv( "HTTP_REFERER" ); if (isset($_GET['image'])) { if (empty($referrer) || isreferrerokay( $referrer, $validprefixes )) { $imagepath = $imagedir . $image ; $imageinfo = getimagesize( $imagepath ); if ($imageinfo[2] == 1) { $imagetype = "gif" ; } elseif ($imageinfo[2] == 2) { $imagetype = "jpeg" ; } elseif ($imageinfo[2] == 3) { $imagetype = "png" ; } else { header( "HTTP/1.0 404 Not Found" ); exit ; } header( "Content-type: image/$imagetype" ); @readfile( $imagepath ); echo $imagepath ; echo $image ; echo $referrer ; } else { if (isset($email)) { mail( $email, "Bandwidth Theft Alert", "WARNING:\n\n$referrer\ntried to access\n$image\n", "From: showimageGuard <$email>" ); } header( "HTTP/1.0 404 Not Found" ); /* // Stolen image header( "Content-type: image/gif" ); @readfile( "/your/replacement/image/filepath.gif" ); */ } } else { header( "Location: $homepage" ); } ?>