兩個文件,第一個文件(例子中的index.asp)負責產生隨機的下載鏈接,并將密匙寫入COOKIE;第二個文件(例子中的download.asp)根據COOKIE找到實際下載地址,然后使用Response.AddHeader和Server.Transfer來重定向地址。為什么不使用Response.Redirect呢?是因為Response.Redirect是在客戶端的重定向。如果使用Response.Redirect,那么真實的下載地址還是傳給了客戶端,這樣防盜鏈的作用就小了很多,用MYIE等等瀏覽器或工具都可以輕易的獲得真實下載地址。而IIS5.0中提供的Server.Transfer是服務器端的重定向,與客戶端無關,這樣客戶端就無法獲得真實的下載地址。
下面是ID為1的下載文件TTT.EXE的防盜鏈示例程序,具體內容如下:
<!---------------index.asp----------------->
<%Response.Buffer = true%>
<HTML>
<HEAD>
</HEAD>
<BODY>
<%
Response.Write "下載地址:<br><br>"
Randomize
x = int(rnd()*1000)
Response.Write "<a href='download.asp?id=" & 1*x & "'>ttt.exe</a>"
'這里只是簡單的運算,呵呵,這已經足夠了。
Response.Cookies("secret") = x
%>
</BODY>
</HTML>
<!---------------download.asp----------------->
<%
Response.Buffer = true
if Request.cookies("secret") = "" then Response.End
if not Isnumeric(request.cookies("secret")) then Response.End
'這里對傳遞過來的值沒有多加判斷,只是為了節省篇幅
secret = clng(Request.Cookies("secret"))
id = clng(Request.QueryString("id"))
if id/secret = 1 then
Response.AddHeader "content-type","application/x-msdownload"
Response.AddHeader "Content-Disposition","attachment;filename=ttt.exe"
Server.Transfer "ttt.exe"
else
Response.Write "Error!"
end if
%>
第二方法
打開文件 SoftDown.Asp 在:
if request.QueryString("ID")="" then
response.write "不能連接或者沒有指定下載軟件"
response.end
end if
的上面或者是下面加上下列代碼
dim strReferer,domain,splDomain,isHttp
isHttp=false
本站下載cn-media.com/i-v/index.shtm>系統網址列表,不要帶上http://
domain="sron.net,61.156.14.223,61.156.14.227"
splDomain=split(domain,",")
strReferer=Request.ServerVariables("HTTP_REFERER")
for iii = 0 to ubound(splDomain)
if instr(strReferer,trim(splDomain(iii)))>0 then isHttp=True
next
if isnull(strReferer) or isHttp=false then
Response.Write "下載鏈接來自其他網站,這是不允許的,<a href=""./"">請進入本站頁面后再進行下載。</a>"
CloseDatabase
response.end
end if
本站下載cn-media.com/i-v/index.shtm>系統網址列表 就是訪問你下載頻道網址里的域名,比如你的下載頻道可以用多個網址來訪問,所以這里用逗號隔開.
當然這里的防盜鏈只是相對的,只要知道了軟件存放地址,防盜鏈就不管用了.
第三方法
用Asp實現防盜鏈技術(帶自動返回功能)源文件代碼:
------------------------------------------------------------------------------------------------------------------------
<%
From_url = Cstr(Request.ServerVariables("HTTP_REFERER"))
Serv_url = Cstr(Request.ServerVariables("SERVER_NAME"))
if mid(From_url,8,len(Serv_url)) <> Serv_url then
response.write "<b>非法鏈接!<br><span id=yu>3</span><a href=javascript:countDown></a>秒鐘后cn-media.com/i-v/index.shtm>系統將自動返回首頁......</b>"
response.write "<meta http-equiv=refresh content=3;url=index.asp>"
response.write "<SCRIPT>valignbottom()</SCRIPT>"
response.write "<script>function countDown(secs){yu.innerText=secs;if(--secs>0)setTimeout('countDown('+secs+')',1000);}countDown(3);</script>"
response.end
end if
Function GetFileName(longname)'/folder1/folder2/file.asp=>file.asp
while instr(longname,"/")
longname = right(longname,len(longname)-1)
wend
GetFileName = longname
End Function
Dim Stream
Dim Contents
Dim FileName
Dim TrueFileName
Dim FileExt
Const adTypeBinary = 1
FileName = Request.QueryString("FileName")
if FileName = "" Then
Response.Write "無效文件名!"
Response.End
End if
FileExt = Mid(FileName, InStrRev(FileName, ".") + 1)
Select Case UCase(FileExt)
Case "ASP", "ASA", "ASPX", "ASAX", "MDB"
Response.Write "非法操作!"
Response.End
End Select
Response.Clear
Response.AddHeader "content-disposition", "attachment; filename=" & GetFileName(Request.QueryString("FileName"))
Set Stream = server.CreateObject("ADODB.Stream")
Stream.Type = adTypeBinary
Stream.Open
if lcase(right(FileName,3))="rar" then '設置文件類型
TrueFileName = "/files/"&FileName '設置文件目錄的相對路徑
end if
Stream.LoadFromFile Server.MapPath(TrueFileName)
While Not Stream.EOS
Response.BinaryWrite Stream.Read(1024 * 64)
Wend
Stream.Close
Set Stream = Nothing
Response.Flush
Response.End
%>隨機推薦
