> From: The Disguised Jedi <disguised.jedi@xxxxxxxxx> > That runs all fine and dandy, but I want to check the absolute URL > that is calling it to make sure it is an approved URL. (For example, > I need the URL of the HTML file that contains the <img> tag that is > requesting the image from the php script) $_SERVER['HTTP_REFERER'] should contain the script that's requesting the image, but it can be spoofed. Are you using sessions at all? You could start a session on the main page (that requests the images) and then check for the same session on the page that creates the images. If a session isn't created (a certain variable isn't set), then don't serve the image or serve something else. A fun thing to do if you have a lot of people hotlinking to your images is to set it up so it works for the first 10 minutes or so but then changes to serving some nasty gay porn image (after they've probably posted it to their site somewhere)... heh... but I digress... ---John Holmes... UCCASS - PHP Survey System http://www.bigredspark.com/survey.html -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
