Usage examples of $_SERVER['HTTP_REFERER'] to prevent hotlinking in PHP

Introducing a PHP code to prevent hotlinking, which mainly uses $_SERVER["HTTP_REFERER"]. Friends in need can refer to it.

The code is as follows:

http://bbs.it-home.org
*/
session_start();  
if(!isset($_SESSION['id'])or !isset($_SESSION['member'])){  
    echo "";//验证session  
exit();  
}  
$ref=$_SERVER['HTTP_REFERER'];  
if($ref==''){  
echo '对不起，不允许从地址栏访问';  
}else{  
$url=parse_url($ref);  
if($url[host]!='127.0.0.1'&& $url[host]!='localhost'){  
  echo '不允许盗链';  
  exit();  
}  
}  
?>

Explanation of "HTTP_REFERER": The URL address of the previous page that links to the current page. Not all user agents (browsers) will set this variable, and some can also modify HTTP_REFERER manually. Therefore, this variable is not always true.

Summary: Only click on the hyperlink (i.e.) Only the opened page has the HTTP_REFERER environment variable. Other windows opened such as window.open(), window.location=..., window.showModelessDialog(), etc. do not have the HTTP_REFERER environment variable.

The above is the usage example of PHP to prevent hotlinking $_SERVER["HTTP_REFERER"]. For more related content, please pay attention to the PHP Chinese website (www.php.cn)!