|
|
Posted by Lars Eighner on 12/21/07 00:17
In our last episode, <476ae01e$0$29602$5402220f@news.sunrise.ch>, the lovely
and talented Bob Bedford broadcast on comp.lang.php:
> Hello Lars, thanks for answering.
>> Not possible. Put the images in a world-readable directory or have users
>> enter username and password. Why in the world would you think otherwise?
>>
>> You seem to want two contradictory and mutually exclusive things: you want
>> the images protected (otherwise, why did you put them in a protected
>> directory?) and you want them publicly accessible (otherwise why do you
>> object to authentication?) You cannot have both.
>>
>>> I can't move those images and I can't set the path rights
>>
>> Then copy them to an unprotected directory.
> It's in a protected directory becuse they are statistics for the website and
> the Hosting company decided so and it can't be changed.
> I'm the webmaster and I can give access to the client to certain directory
> (where they are my scripts) so the concurrents can't see what's appening as
> this is a secret.
> Also I've tried to do a "imagepng()" but instead of showing the image it
> shows the source of the image.
> The possibility to show images exists (you can show a document with imagejpg
> or others) so why not if coming from a protected directory ?
Because that is what being in a protected directory means. Any server or
software that would work around permissions would pose a serious security
risk. You may be right that these particular data do not need that kind of
protection. In that case your argument is with the policy of the hosting
company. But software that refuses to violate permissions is doing the
right thing, and any that did not would be hopelessly broken.
--
Lars Eighner <http://larseighner.com/> usenet@larseighner.com
Countdown: 396 days to go.
Navigation:
[Reply to this message]
|