3

I have this php code (image.php):

if($_SERVER['SERVER_NAME'] == 'site.tld') {

    header('Content-type: image/jpeg');
    echo file_get_contents("image1.jpg");

} else {

    header('Content-type: image/jpeg');
    echo file_get_contents("image2.jpg");

}

*This page (image.php) is hosted on site.tld;

Now... This code will be called by <img src='http://site.tld/image.php' />.

I'd like to dispay image1.jpg if image is called on site.tld and image2.jpg if not.

That code displays image1.jpg whatever domain name where code is called.

Any solutions ? Thanks.

Edit: The output of $_SERVER['SERVER_NAME'] is site.tld (my server) on any websites...

That's the problem because the script not works properly.

Improve this question
4
  • Can you post a 'error_log(print_r( $_SERVER, true ))'? Commented Oct 24, 2012 at 20:44
  • There is no errors. Problem is that code displays always image1.jpg whatever domain name where code is called. Commented Oct 24, 2012 at 20:48
  • Please, Show us the echo $_SERVER['SERVER_NAME'] result and check the if condition. Commented Oct 24, 2012 at 20:48
  • try it with function: imagecreatefromjpeg Commented Oct 24, 2012 at 20:50

4 Answers 4

Reset to default
4

Try this:

    $imgPath = "image1.jpg";

    if(stripos($_SERVER["HTTP_REFERER"], 'http://site.tld/')=== false){

       $imgPath = "image2.jpg";

    }

    //echo $_SERVER["HTTP_REFERER"]."<br/>";
    //echo $imgPath."<br/>";

    header('Content-type: image/jpeg');
    echo file_get_contents($imgPath);

Other option (based on PWhite comments) :

All calls you make from http://site.tld/ add a querystring key, and then evaluates this data too.

Inside site.tld :

<img src='http://site.tld/image.php?myfookey=secret' />

Outside site.tld :

<img src='http://site.tld/image.php' />

image.php

$imgPath = "image1.jpg";

if (!(isset($_REQUEST["myfookey"]) &&  $_REQUEST["myfookey"] == 'secret')){
    $imgPath = "image2.jpg";
} 

header('Content-type: image/jpeg');
echo file_get_contents($imgPath);
Improve this answer
Sign up to request clarification or add additional context in comments.

6 Comments

From the PHP documentation: "The address of the page (if any) which referred the user agent to the current page. This is set by the user agent. Not all user agents will set this, and some provide the ability to modify HTTP_REFERER as a feature. In short, it cannot really be trusted."
Yes, something like that :) But this example has some errors. There is an alternative?
Not "physical" errors. I mean some "bugs". Eg: From site2.tld : right click > view image, and image is now displayed on site1.tld but it remains the same.
sorry, I do not quite understand. If you navigate from Server site2.tld or site1.tld the image you show is image2.jpg? To be sure to uncomment the echos and check if some data is wrong
I added another alternative, please let me know if you have solved @PWhite
|
1

That is because 

$_SERVER['SERVER_NAME']

shows the name of your server (i.e. the server that executes the PHP).

What you want is the URL of the page that contains <img src='http://site.tld/image.php' /> and I'm not sure the client's browser sends such information to your server.

/edit: If you're trying to prevent third party websites from showing your picture, you want to do that at the server configuration level, e.g. http://www.davidairey.com/stop-image-theft-hotlinking-htaccess/

Improve this answer

2 Comments

Most of the time it does, as $_SERVER['HTTP_REFERER'] but this can be spoofed.
The output of $_SERVER['SERVER_NAME'] is site.tld (my server) in all websites... Looking for a way to take the current url using the picture.
0

First off, check the $_SERVER['SERVER_NAME'] output for the if condition. Then use readfile() instead of file_get_contents().

Improve this answer

1 Comment

The output of $_SERVER['SERVER_NAME'] is site.tld (my server) in another websites... That's the problem because the script not works properly.
0

If you're using Apache, try setting UseCanonicalName Off in your virtual host config (probably need to reload/restart Apache).

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.