Reply to Re: Keeping user uploads private

Your name:

Reply:


Posted by Christoph Burschka on 12/01/06 13:11

The Eclectic Electric schrieb:
> "Tim" <tim@gmail.com> wrote in message news:ekn7c901gss@drn.newsguy.com...
>
>>On Wed, 29 Nov 2006 17:14:31 GMT, The Eclectic Electric wrote...
>>
>>>I have a website (www.listyblue.com) that allows people who register to
>>>upload their own "mascot" images. I'd like for these to be viewable only
>>>by
>>>them but at the minute they're easily accesible to everyone.
>>>
>>>Is there a way to protect these other than storing them outside of the web
>>>space and copying them in for the duration of the session?
>>>
>>>+e
>>>
>>>
>>
>>You might need to clarify "viewable only by them but easily accessible to
>>everyone". I don't think you can have a file that is only viewable by one
>>person
>>but easily accessible to the world. The second requirement contradicts the
>>first.
>>
>
>
> I'd like for these to be viewable only by them but *at the minute* they're
> easily accesible to everyone.
>
> +e
>
>
You will need to put a PHP script between the files and the public website.

Place the uploaded images (named [user-id].png or whatever) into a
separate folder that cannot be seen by the public (using .htaccess or
something else). Then use a publically accessible php script that does
something like this:

<?php
$id=$_COOKIE['login_id'];
if (!$id) {
header("HTTP/1.1 404 Not Found");
exit;
}

header("Content-type: image/png");
readfile($protected_directory.'/'.$id.'.png');
?>

This will increase the server load for the image, but it's about the
only way to do this easily.

The script will check the login cookie, find the user's id, and display
the appropriate image. You'll need to do a lot more than this to make it
work well, though.

[Back to original message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация