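"foto_geburtstag.gif",
//    "hi1lk" => "hin1/hintersee_l_k.jpg",
//    "hi1rg" => "foto_geburtstag.gif",
//    "hi1rk" => "hin1/hintersee_r_k.jpg",
//    "fa1mg" => "foto_geburtstag.gif"
//);
//}
//else
//{
# NOTE(review): everything above is the tail of a disabled alternative $FILES
# map; the start of that block, and of the file, is not visible here.

# Picture key => path of the real image on disk.
$FILES = array(
    "hi1lg" => "hin1/hintersee_l_g.jpg",
    "hi1lk" => "hin1/hintersee_l_k.jpg",
    "hi1rg" => "hin1/hintersee_r_g.jpg",
    "hi1rk" => "hin1/hintersee_r_k.jpg",
    "fa1mg" => "fai1/faistenau_00001.jpg"
);
//}

# Picture key => file name announced to the client in Content-Disposition.
$FILENAMES = array(
    "hi1lg" => "hintersee_01a.jpg",
    "hi1lk" => "hintersee_01b.jpg",
    "hi1rg" => "hintersee_02a.jpg",
    "hi1rk" => "hintersee_02b.jpg",
    "fa1mg" => "faistenau_01a.jpg"
);

# Picture key => placeholder image served when the Referer check fails.
$ACCESS_DENIED_FILES = array(
    "hi1lg" => "access_denied_1.jpg",
    "hi1lk" => "access_denied_2.jpg",
    "hi1rg" => "access_denied_1.jpg",
    "hi1rk" => "access_denied_2.jpg",
    "fa1mg" => "access_denied_fai.jpg"
);

# Picture key => file name announced for the placeholder image.
$ACCESS_DENIED_FILENAMES = array(
    "hi1lg" => "access_denied_01.jpg",
    "hi1lk" => "access_denied_02.jpg",
    "hi1rg" => "access_denied_01.jpg",
    "hi1rk" => "access_denied_02.jpg",
    "fa1mg" => "access_denied_fai.jpg"
);
# End Defines

# The Referer header is optional and entirely client-controlled, so the check
# below only deters casual hotlinking; it is not an access control. A request
# without the header is treated as an empty referer instead of raising a notice.
$refer = isset($_SERVER['HTTP_REFERER']) ? strtolower($_SERVER['HTTP_REFERER']) : "";

# Look up the "pic" parameter case-insensitively. Depending on the PHP
# configuration $_REQUEST can also carry cookie values. Array values
# (pic[]=...) are ignored because strtolower() only accepts strings.
$pic = "";
foreach ($_REQUEST as $i => $j) {
    if (strtolower((string) $i) === "pic" && is_string($j)) {
        $pic = strtolower($j);
    }
}

# Only keys of $FILES are accepted, so request input never becomes part of a
# file path or of a response header. The previous fallback key "r_g" is not
# present in any of the maps and left $file empty; "hi1rg" is presumably the
# entry it referred to -- confirm.
if (!isset($FILES[$pic])) {
    $pic = "hi1rg";
}

# $ALLOW is defined in the part of the file that is not visible here.
# NOTE(review): this is a prefix match, so an entry such as "http://host"
# without a trailing slash also matches any referer that merely starts with
# that text (for example a longer host name). Confirm the entries end in "/".
$allow = 0;
foreach ($ALLOW as $site) {
    if (!strncmp(strtolower($site), $refer, strlen($site))) {
        $allow = 1;
    }
}

# for test only
# NOTE(review): the line layout of this file was lost; by analogy with
# "# End Defines" the assignment below appears to be live code. While it is
# present the Referer check above has no effect and every request receives the
# real image. Remove it once testing is finished.
$allow = 1;

if (!$allow) {
    $file = $ACCESS_DENIED_FILES[$pic];
    $filename = $ACCESS_DENIED_FILENAMES[$pic];
} else {
    $file = $FILES[$pic];
    $filename = $FILENAMES[$pic];
}

# Fail with a clean 404 instead of sending image headers followed by PHP
# warnings when the mapped file is missing or unreadable.
if (!is_file($file) || !is_readable($file)) {
    header("HTTP/1.1 404 Not Found");
    exit;
}

$size = filesize($file);
header("Content-Type: image/jpeg");
header("Content-Disposition: inline; filename=$filename");
# The response depends on the Referer, so it must not be cached.
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Content-Length: {$size}");
header("Pragma: no-cache");

# readfile() streams the bytes unchanged and closes the handle itself.
readfile($file);
//echo $refer;
?>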