First, i want to say sorry if this post is unuseful, and sorry for the mods, i've post this on my regional section. and i'm not guarantee that this trick would work 100%, [b]Credit[/b] TinyMCE JavaScript Content Editor for the Javascript-PHP Header [b]REQUIREMENTS:[/b] 1. Web/file hosting that support php file 2. No php script knowledge (i guess ) [b]Here is the php file code[/b] [spoiler] <? $basename='http://profiles.friendster.com'; $url=array(); //edit these url, but don't include '/user.php' please $url[0]=$basename.'/[b][color=blue]0000000[/color][/b]';//uid $url[1]=$basename.'/user.php?uid=[b][color=blue]000000[/color][/b]';//uid $url[2]=$basename.'/[b][color=blue]asdfgh[/color][/b]';//personalized url //end edit $referer=$_SERVER['HTTP_REFERER']; function cekReferer(){ global $url,$referer; foreach($url as $key=>$value){ if($referer===$value) return true; } return false; } if(!cekReferer()){ //this file is directly accessed, give the 403 error page //you may edit this section, write your message for the ripper(maybe) //uncomment if you just want to redirect to your profile //header('location:'.$url[0]); //this example would output the 403 Forbidden Page ?> [b][color=blue]<html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1>You don't have permission to access <? echo $_SERVER['PHP_SELF'] ?> on this server.<hr /></body></html>[/color][/b] <? } else { //don't remove the header, if you remove it, your script won't work header("Content-type:text/javascript;charset:UTF-8"); //this line below is to inject your script, you may edit it //you also can directly write all your js code here, very recommended ?>[b][color=blue] a='URL FILE JS'; b=document.createElement('script'); b.type='text/javascript'; b.src=a; document.getElementsByTagName('head')[0].appendChild(b);[/color][/b] <? } ?> [/spoiler] edit the blue text, there are 3 part of the blue text: [b]1. the profile url[/b] follow the rule in the commented text [b]2. the error page[/b] This is where you can write your html code to warn the viewer of your script or the ripper maybe. Here you also can write the code to redirect to your profile, or just uncomment this line [b]header('location:'.$url[0]);[/b] The default is output the 403 Forbidden Page [b]3. the javascript code[/b] in this tutorial, i put the js injector for one file, if you use more than one file, you may edit it first, or i think directly write the script here is good [b]The Minus[/b] you can't open your profile via /user.php That's all, i know this tutorial isn't explainable, i'm sorry for my english, if you're indonesian (or malaysian maybe), [url=http://theftalk.com/t34167-%7BTUTORIAL%7D-PHP-JavaScript-Injector---Another-way-to-secure-your-script.html]read this post[/url] is very helpfull goodluck all, oh ya, the preview [url=http://profiles.friendster.com/44348601]here[/url] if the preview works, can you find where is the wvm code written? thanks,

Last edited by rudyhartadi (2008-06-10 06:20:32)