pixelio Posted May 28, 2003 Share Posted May 28, 2003 Hi, I would like to protect the files from a directory so they can only be accessed from my php scripts. I do not want the users to be able to write the URL of the image in his browser and to acces it directly. PHP is running as an Apache module (CGI impossible). I could use .htaccess with apache authentication but I don\'t want the user to be prompt for a username / password (everybody can access this images but only from my php scripts!). can anybody help? thanks Quote Link to comment Share on other sites More sharing options...
BK87 Posted May 29, 2003 Share Posted May 29, 2003 I think this is what you mean: Make a file called \'picture.php\' [php:1:59120b2234]<?php $imgFolder=\"images/\"; if(isset($_GET[\"img\"])){ print(\"<img src=\"$imgFolder\".$_GET[\"img\"].\"\">\"); } ?>[/php:1:59120b2234] Usage: http://localhost/picture.php?img=somepic.jpg Quote Link to comment Share on other sites More sharing options...
mikehart Posted April 26, 2004 Share Posted April 26, 2004 I was interested in the same thing. I want to be able to restrict the access to a .jpg file so that only an authorized user can get to it. Using: print("<img src="$imgFolder".$_GET["img"]."">"); } just means that he the user doesn't need to enter the right folder, but he needs to have access to that folder. I have found a workaround, by reading the file into php and doing something like: <img src ="getimage.php?image=filename"> getimage.php checks to see if the user has the right access via my authorization code and then I do readfile($filename); The problem is that I think this might be a little slow, particularly if there are a lot of files. Also, the users can't cache the file in the browser - the next time they visit the page, they need to load the images all over again. Does anyone have other ideas, as to how I could limit access to the files using another method? Thanks Quote Link to comment Share on other sites More sharing options...
Katherine Posted October 4, 2005 Share Posted October 4, 2005 Hi, I would like to protect the files from a directory so they can only be accessed from my php scripts. I do not want the users to be able to write the URL of the image in his browser and to acces it directly. PHP is running as an Apache module (CGI impossible). I could use .htaccess with apache authentication but I don't want the user to be prompt for a username / password (everybody can access this images but only from my php scripts!). can anybody help? thanks 16719[/snapback] Why don't you simply create a folder outside of the web server root ? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.