Hide path to GD image creation script?

[Ahhhk]

Hi all!

 

Im creating an image via GD and the only way I've found to insert it in an HTML output is to call a script within the img src and pass the params like so:

 

<img src="show_image.php?key=ABCDEFG" height="120" width="120" />

 

But, when viewing the properties of the image, it shows the filename as "../show_image.php?key=ABCDEFG".....obviously.

 

Now, is there anyway to hide that path/params so it wont be so easy for someone to see the path and call it directly? Or is there some other way to insert a GD generated image without showing a URL?

 

I tried inserting the image by via a function call in the img src instead - src="<? $imager->show_image("ABCDEFG"); ?>" - but that just did a raw dump of the image data.

 

I need the image in an img tag so I can size it (differently than how it's generated) on the front end.

 

Any help would be greatly appreciated!!

 

Ahhhk!

 

 

[btherl]

The short answer is no.. you must tell the browser where to find the image.  And if the browser knows where to find the image, then the user does too.

 

The long answer is that there are many methods of restricting access.

 

You could use javascript to obscure the url to the image.  But that is easily defeated by someone recording the requests made by the browser.

 

You could also check the referrer, to ensure that the user is viewing the image from your site.  That will prevent re-use of your images on other sites (while still hosted on yours).

 

It all depends on why you want to hide the image.

[Ahhhk]

btherl,

 

Thanks for the reply. Im not trying to hide the image - I'm trying to keep people and/or bots from slamming the image generation script (which is quite resource intensive).

 

What Im really hoping for is another way to insert a GD-generated image into HTML output that doesn't require calling a URL like I'm doing.

 

Doing it via the function call would have been great since that doesnt expose anything. The problem with it is that since I cant sent the mime type for just the image in an html doc, it outputs a raw dump.

 

Ahhhk!

[Ahhhk]

Might there be a way to set the mime type for the image (with an HTML doc) with output buffering?

 

There's got to be a way to do this....right?

[Ahhhk]

Ok, here's a summary of all the ways Ive tried to get the image in the doc. The only one that works is the only one I dont want to use:

 

<img src="show_image.php?key=ABCDEFG" height="120" width="120" />

This works correctly but shows the show_image call in the image properties (path)

 

 

<img src="<? $imager->show_image("ABCDEFG"); ?>" height="120" width="120" />

Outputs the non-MIME image data dump

 

 

<?php echo "<img src=\"".$imager->show_image("ABCDEFG")."\" height=\"120\" width=\"120\" />"; ?>

Outputs the non-MIME image data dump

 

 

<img src="<?php include 'https://www.domain.com/show_image.php?key=ABCDEFG' ?>" height="120" width="120" />

Outputs the non-MIME image data dump

 

Help!

[Ahhhk]

Anybody?

[Ahhhk]

Have I said lately that....I love you guys!!