http://www.icyphoenix.com/viewtopic.php?f=4&t=2411&p=17312#p17312
-----------------------------------
casimedicos
Wed 04 Jul, 2007 00:17

Re: How To Prevent Hotlinking With PHP
-----------------------------------
How to use the code to prevent hotlinking
Create a directory on your website to contain the anti-hotlinking script and your protected media. 
Copy the code in prevent-hotlinking.txt into a file called index.php inside that directory.

[code linenumbers=false]<?php
$dir='secret-directory-name-here/';
if ((!$file=realpath($dir.$_GET['file']))
    || strpos($file,realpath($dir))!==0 || substr($file,-4)=='.php'){
  header('HTTP/1.0 404 Not Found');
  exit();
}
$ref=$_SERVER['HTTP_REFERER'];
if (strpos($ref,'http://www.example.com/')===0 || strpos($ref,'http')!==0){
  $mime=array(
    'jpg'=>'image/jpeg',
    'png'=>'image/png',
    'mid'=>'audio/x-midi',
    'wav'=>'audio/x-wav'
  );
  $stat=stat($file);
  header('Content-Type: '.$mime[substr($file,-3)]);
  header('Content-Length: '.$stat[7]);
  header('Last-Modified: '.gmdate('D, d M Y H:i:s',$stat[9]).' GMT');
  readfile($file);
  exit();
}
header('Pragma: no-cache');
header('Cache-Control: no-cache, no-store, must-revalidate');
include($file.'.php');
?>[/code]

 
Replace the URL http://www.example.com/ on the ninth line of the script with the URL of your website &#8212; don&#8217;t forget to include the trailing slash. 
Replace the phrase &#8216;secret-directory-name-here&#8217; in the second line of the script with something people are unlikely to guess (for example, a string of thirty random letters) and create a directory with this name inside the directory containing the script. Do not reveal the name of this secret directory to anyone, as doing so would allow people to hotlink to the files it contains. If you do accidentally reveal the directory name, just rename it and alter the script accordingly. 
For each piece of content you want to protect, place it in the secret directory (you can also create subdirectories inside that directory).