Re: [PHP] protected Images without using htaccess

Fri, 22 Jun 2001 13:54:35 -0700 

added the wrong script... arghh...

<?php
  Header("Content-type: image/gif");
  $fp = @fopen($img,"rb");
  fpassthru($fp);
  fclose($fp);
?>

""Fredrik Arild Takle"" <[EMAIL PROTECTED]> wrote in message
9gvl19$er6$[EMAIL PROTECTED]">news:9gvl19$er6$[EMAIL PROTECTED]...
> 1. Authenticate user
> 2. Put the pictures in a "secret" folder or outside http_root
> 3. Do this:
>
> <?php
>   header("Content-Type: application/download\n");
>   header("Content-Disposition: filename=\"$file\"");
>   $fn = fopen("$file" , "r");
>   fpassthru($fn);
> ?>
>
> I hope this helps!
>
> Fredrik A. Takle
> [EMAIL PROTECTED]
> www.iportal1.com
>
>
> ""Arash Dejkam"" <[EMAIL PROTECTED]> wrote in message
> 9gvk5g$8o0$[EMAIL PROTECTED]">news:9gvk5g$8o0$[EMAIL PROTECTED]...
> > Hi,
> >
> > I'm going to make a page in which users (being authenticated by PHP
> session
> > management) upload pictures and specify which other users can see those
> > pictures, and I want all the process be automated, and I don't want to
use
> > Apache protection on directories, now I have a problem: if I store
images
> in
> > a directory which is in root directory
> > of  HTTP server, then any user can access any image by sending a direct
> > query from his browser like :
> > www.mysite.com/members/images/img023.jpg even if he is not allowed. and
> also
> > I can not save image out of HTTP root directory because then http can
not
> > serve them.
> > I found a very foolish solution for this :) I can store the images out
of
> > HTTP root dir and then use a PHP script which first checks the session
ID
> > and then sends the images with ImageCreateFromJPEG() and ImageJPEG()
> > functions.
> >
> > Can anybody give me a better way to solve this problem ?
> >
> > Thanks
> > Arash Dejkam
> >
> >
> >
> >
> >
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> > To contact the list administrators, e-mail: [EMAIL PROTECTED]
> >
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to