bhammel Posted January 23, 2012 Share Posted January 23, 2012 I having been searching through the forum and other websites for information on reading a file (an image file) located above my root directory. I would like to store images outside the root directory and then use PHP to call those images for registered users. Basically I want to create a secure web gallery. I am using GoDaddy Deluxe shared hosting, and have managed to create a webroot directory and place files above it. I have found several scripts for reading files using the readfile() function, however when I actually implement the script to find the file and read its contents, it does not seem to find the file. I know my directory path is correct, as I can call an echo function inside a test.php file located in the same folder as the images (above my root). I would love some incite as to where I went wrong, or if there is a specific GoDaddy work around that needs to be implemented. Also, if I am going about this the wrong way, please let me know if there is a more effective way of going about this! Thank you so much! Link to comment https://forums.phpfreaks.com/topic/255614-viewing-files-outside-the-web-root/ Share on other sites More sharing options...
scootstah Posted January 23, 2012 Share Posted January 23, 2012 Code? Link to comment https://forums.phpfreaks.com/topic/255614-viewing-files-outside-the-web-root/#findComment-1310413 Share on other sites More sharing options...
bhammel Posted January 23, 2012 Author Share Posted January 23, 2012 Doh! My apologies, I meant to copy the most recent snippet I had tried: <?php $file = basename(urldecode($_GET['file'])) ; $fileDir = '/home/mydomain/photos/'; if (file_exists($fileDir . $file)) { // Note: You should probably do some more checks // on the filetype, size, etc. $contents = file_get_contents($fileDir . $file); // Note: You should probably implement some kind // of check on filetype header('Content-type: image/jpeg'); echo $contents; } ?> This gives me an output of: The image “http://mydomain.com/” cannot be displayed because it contains errors. ---- I substituted mydomain for my real domain, as this is not advertising! Thanks! Link to comment https://forums.phpfreaks.com/topic/255614-viewing-files-outside-the-web-root/#findComment-1310418 Share on other sites More sharing options...
bhammel Posted January 25, 2012 Author Share Posted January 25, 2012 Well after more searching and trying, I got it to work! This is what I found in case anyone else has this question: $content = file_get_contents('../directory/image.jpg'); /* the directory is actually above the root */ if ($content !== false) { header('Content-type: image/jpeg'); echo $content; } else { echo 'not found'; } This will of course be modified with some SQL search to find the actual image path and then the php file with the above code can be displayed using: <img src="pic.php" /> or so. If anyone has a better suggestion, I would love to optimize this. Thanks! Link to comment https://forums.phpfreaks.com/topic/255614-viewing-files-outside-the-web-root/#findComment-1311169 Share on other sites More sharing options...
bhammel Posted January 25, 2012 Author Share Posted January 25, 2012 So I have been trying to modify the previous code to work with a dynamically generated file name, and I am having issues with passing variables (it seems). The current code is split between and index.php page that sets a session variable for the image file name, then echos out the file in an image tag using the pic.php file. The pic.php file calls on a function to grab the contents of the file from above my web directory and return those contents to then be output as the pic.php file. If I use the file name (lucas2.jpg) instead of the session variable passed in my function, everything works fine. As soon as I replace the file name with the variable I get broken image. index.php: <?php session_start(); ?> <html> <body> <?php $_SESSION['lucas'] = 'lucas2.jpg'; echo '<img src="pic.php" />'; ?> </body> </html> pic.php: <?php include_once('findimg.php'); $img = findImg($_SESSION['lucas']); if (!empty($img)) { header('Content-type: image/jpeg'); echo $img; } else { echo 'empty img'; } ?> findimg.php: <?php function findImg($image){ $img = $image; $content = file_get_contents('../webpics/'.$img); if ($content !== false) { return $content; } else { echo 'not found'; } } ?> Any thoughts or directions to point me in? Thanks for your time. Link to comment https://forums.phpfreaks.com/topic/255614-viewing-files-outside-the-web-root/#findComment-1311265 Share on other sites More sharing options...
PFMaBiSmAd Posted January 25, 2012 Share Posted January 25, 2012 I don't see a session_start() statement in the pic.php or findimg.php code? Link to comment https://forums.phpfreaks.com/topic/255614-viewing-files-outside-the-web-root/#findComment-1311267 Share on other sites More sharing options...
bhammel Posted January 25, 2012 Author Share Posted January 25, 2012 I don't see a session_start() statement in the pic.php or findimg.php code? I thought you only need a session_start() function on the first page the session is brought into existence (my index.php page for example). Do I need a session_start() on every page I wish to use session variables? Added session_start() to all pages. Works like a charm. Thank you so much! Link to comment https://forums.phpfreaks.com/topic/255614-viewing-files-outside-the-web-root/#findComment-1311269 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.