防盜鏈的原理:
不直接給出服務器中真實的url,將要訪問的文件放到服務器上不可訪問的目錄中,所以要訪問的文件就必須通過ASP讀取文件以二進制流的類型來發送文件,如果加上來源地址和用戶登錄狀態的判斷,可以一定意義上的防止盜鏈。
缺點是:不過開銷也會很大。
下面是兩個示例的函數,沒有加上權限判斷。
Sub downloadFile(strFile)
On error resume next
Server.ScriptTimeOut=999999
Dim S,fso,f,intFilelength,strFilename,DownFileName
strFilename = Server.MapPath(strFile)
Response.Clear
Set s = Server.CreateObject("ADODB.Stream")
s.Open
s.Type = 1
Set fso = Server.CreateObject("Scripting.FileSystemObject")
If Not fso.FileExists(strFilename) Then
'Response.Write("<h1>錯誤: </h1>
系統找不到指定文件")
showimg "images/logos.gif"
Exit Sub
End If
Set f = fso.GetFile(strFilename)
intFilelength = f.size
s.LoadFromFile(strFilename)
If err Then
'Response.Write("<h1>錯誤: </h1>" & err.Description & "<p>")
showimg "images/logos.gif"
Response.End
End If
Set fso=Nothing
Dim Data
Data=s.Read
s.Close
Set s=Nothing
If Response.IsClIEntConnected Then
Response.AddHeader "Content-Disposition", "attachment; filename=" & strFile
Response.AddHeader "Content-Length", intFilelength
Response.CharSet = "UTF-8"
Response.ContentType = "application/octet-stream"
Response.BinaryWrite Data
Response.Flush
End If
End Sub
ASP防盜鏈輸出圖片函數 showimg (需要Persits.Jpeg組件支持)
Sub showimg(FileName)
Response.Clear
Dim Jpeg,temp_pic
On Error Resume Next
Set Jpeg = Server.CreateObject("Persits.Jpeg")
If -2147221005=Err then
'Response.write "沒有這個組件,請安裝!" '檢查是否安裝ASPJpeg組件
downloadFile FileName
Exit Sub
End If
Jpeg.Open (Server.MapPath(FileName)) '打開圖片
If err.number then
'Response.write "打開圖片失敗,請檢查路徑!"
Jpeg.Open (Server.MapPath("images/logos.gif"))
response.end
End if
temp_pic=Jpeg.Binary
Response.ContentType = "image/*"
Response.AddHeader "Content-Disposition","filename=" & arr_FileName(FileName)
Response.BinaryWrite temp_pic
Response.End
End Sub
