* Thus wrote Boaz Yahav ([EMAIL PROTECTED]): > Can you fake a referrer by say,.... using fsockopen() and sending your > own headers?
Yes, and in fact there are programs designed to work around this exact (so called) security check. I've seen hosting services use this method of protecting their files and usually what happens is the users get programs that make downloading the files easier than downloading files through a web browser, thus defeating the whole purpose of the referer checking. Curt -- "I used to think I was indecisive, but now I'm not so sure." -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
