You are here: Re: Keeping user uploads private « All PHP « IT news, forums, messages
Re: Keeping user uploads private

Posted by The Eclectic Electric on 12/11/06 18:40

"Christoph Burschka" <christoph.burschka@rwth-aachen.de> wrote in message
news:4tao0dF13bv1fU1@mid.dfncis.de...
> The Eclectic Electric schrieb:
>> "Tim" <tim@gmail.com> wrote in message
>> news:ekn7c901gss@drn.newsguy.com...
>>
>>>On Wed, 29 Nov 2006 17:14:31 GMT, The Eclectic Electric wrote...
>>>
>>>>I have a website (www.listyblue.com) that allows people who register to
>>>>upload their own "mascot" images. I'd like for these to be viewable
>>>>only by
>>>>them but at the minute they're easily accesible to everyone.
>>>>
>>>>Is there a way to protect these other than storing them outside of the
>>>>web
>>>>space and copying them in for the duration of the session?
>>>>
>>>>+e
>>>>
>>>>
>>>
>>>You might need to clarify "viewable only by them but easily accessible to
>>>everyone". I don't think you can have a file that is only viewable by one
>>>person
>>>but easily accessible to the world. The second requirement contradicts
>>>the
>>>first.
>>>
>>
>>
>> I'd like for these to be viewable only by them but *at the minute*
>> they're easily accesible to everyone.
>>
>> +e
> You will need to put a PHP script between the files and the public
> website.
>
> Place the uploaded images (named [user-id].png or whatever) into a
> separate folder that cannot be seen by the public (using .htaccess or
> something else). Then use a publically accessible php script that does
> something like this:
>
> <?php
> $id=$_COOKIE['login_id'];
> if (!$id) {
> header("HTTP/1.1 404 Not Found");
> exit;
> }
>
> header("Content-type: image/png");
> readfile($protected_directory.'/'.$id.'.png');
> ?>
>
> This will increase the server load for the image, but it's about the only
> way to do this easily.
>
> The script will check the login cookie, find the user's id, and display
> the appropriate image. You'll need to do a lot more than this to make it
> work well, though.

That works a treat. (Never tried .htaccess before.)

Thanks.

Now I have to figure out how to manipulate the script so the image appears
where I want it to!

+e

 

Navigation:

[Reply to this message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация