Jump to content

Recommended Posts

Hi guys,

 

I'm currently building a helpdesk system with tickets and stuff.

I want to add attachments to tickets. These attachments are stored in a web inaccessible folder called "attachments".  In this folder, there is a folder for each ticket which holds the attachments.

 

The folder is protected by a .htaccess file.

 

I want to include an image from this folder in the webpage so that user can view the attachments. I don't want users to browse the images directly....

 

Now, when someone browses to the attachment, a "Forbidden" error is returned. I would like to keep this...

 

How can I do this ?

I've tried your solution, MadTechie, it doesn't work as expected, but I want to show the image in the browser instead of forcing a user to download it.

 

Is that possible ?

I was thing about something along the lines of what ninnypants said.

So I thought about using readfile() and then turn that outputstream back in to an image but I couldn't find a function for it.

 

Can someone point me in the right direction ?

I tried removing the force-download header. Now IE gives me the option to download the png and FF wants to download the file.png.htm

When I try downloading and opening the file in FF I get the bytestream instead of the actual image, so I'm thinking that's a header problem.

 

I've changed it into this:

<?php
$url = arrayUrl($_GET['url']);
$file = $html->includeAttachment($url['2'], $url['3']);
header("Content-Type: image/png");
@readfile($file);
?>

But that gives me the following error:

The image “http://172.16.32.24/pecs/tickets/attachments/000001/screenie.png” cannot be displayed, because it contains errors.

I can confirm that the image on the server is correct.

 

What am I doing wrong ?

Of course,  how could I forget the @...

 

I've removed the @ and the header. The output is:

�PNG  ��� IHDR�����l���+�8���sRGB�������gAMA

And a lot more of the same...

 

What am I missing ?

Try this

<?php
$url = arrayUrl($_GET['url']);
$file = $html->includeAttachment($url['2'], $url['3']);
if(filesize($file) >0)
{
header("Content-Type: image/png");
readfile($file);
}else{
echo "error too smalled check read permissions to file and folder";
}
?>

 

I'm using a custom build framework and I found out that the script itself is working. So I'm thinking that the framework is corrupting the data somewhere...I will have to dive in to this. For the time being, I could store the attachments (mostly images, screenshots) as BLOB in the database...

 

Is there a reason not to save the image as BLOB ?

Theirs reasons for storing it in a blob and reasons not to store it in a blob, personally (and most agree) I wouldn't store it in a blob, but theirs exceptions to every rule..

 

Can you test the images (just move a test one to a public area and view it)

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.