Add to Google

Securing Images
free web hosting
Open Discussion > CONTRIBUTE > Computers > Programming Languages > PHP Programming

Securing Images

kvarnerexpress
Jun 13 2005, 10:02 PM
Just wondering if anyone's worked with securing images to avoid direct linking than just by obscuring the URL or using a .htaccess file. I briefly looked through the documentation and source for gallery and it looks like the images are stored under the web root, so anyone with a direct link can browse the images regardless of user privileges.

I was thinking one way of doing this would be too store the images above the webroot directory so that visitor's can't navigate to them and having a php script that can read the image dir output the images by sending the correct headers and echoing out the data.

For example you have showpic.php which accepts $_GET parameters:
user id
image path
timestamp
hash

The user id, image path, and a secret hash seed stored on the server are used to generate the hash. The script file checks that the data passed in matches the hash, and also checks that the timestamp is within a specified time interval (say 5 minutes) and if everything is valid it echoes the image data.

Some downsides:
-this seems like it will create a high load (fopen and fread for each image) on the server.
-since we're relying on a timestamp, links to images will timeout even for valid users if they leave their computer. I suppose if a timeout occurs we can re-check session credentials and access priviliges for the image(s), but this will just cause even more load.

Anyone have any better ideas, links to scripts that do this?
Thanks,

 

 

 


Reply

hype
Jun 13 2005, 11:39 PM
I'm not sure if that's any scripts forthat but you can check out Hot Script and search for it...

There's also hotlinking protection in cpanel where you can use it... But it seems almost impossible because ppl can just download the image once they see it...

Reply

karlo
Jun 17 2005, 07:21 AM
Hmm... I suggest using cookies... try this:

CODE
if(count($_GET)<1 && count($_POST)<1 && empty($_SERVER[QUERY_STRING])){
setcookie("random",mt_rand(11111,99999),"/",time()+60);
echo("<a href=\"?download=sample.jpg\">Click here</a> to download.");
}
if(!empty($_GET[download])){
if(!empty($_COOKIE[random]) && strlen($_COOKIE[random])>3){
header("Content-type: image/jpeg");
readfile("sample.jpg");
}
}


then tell me if it works.. good luck! laugh.gif

Reply


Got an Opinion! Express your Views! (no registration):-
Add your Reply/ Opinion/ Views/ Comments/ Suggestion/ Questions/ Queries etc.
Posts with decent grammar & English will be accepted and please refrain from profanities.
For asking a Question, We recommend you to sign-up (for free) so that you can track the topic easily.
Nature of your Post*: Opinion/ Reply/ Comments
Question/Query
Feedback to us.
       
Name   Email
Title/Question*

Recent Queries:-
  1. why store images above webroot - 9.79 hr back. (1)
  2. securing images php - 87.53 hr back. (2)
  3. php load image from outside webroot - 194.42 hr back. (1)
  4. how to store image outside of webroot - 332.26 hr back. (1)
  5. avoid direct access to image file php - 335.28 hr back. (1)
  6. "outside web root" htaccess - 379.34 hr back. (1)
  7. store users images folder root php - 397.39 hr back. (1)
  8. php show image from directory outside root - 653.40 hr back. (1)
  9. access images outside webroot - 858.82 hr back. (1)
  10. need for securing image databases - 920.20 hr back. (1)
  11. store image outside of webroot - 1093.48 hr back. (2)
  12. php securing images folder sessions - 1161.66 hr back. (1)
  13. php securing images folder - 1161.78 hr back. (1)
  14. jquery images protec secure - 1168.74 hr back. (1)
Similar Topics

Keywords : securing, images

  1. Securing Upload Directory
    proper way to do it? (5)
  2. How To Display Images Of A Directory
    (4)
    I am trying to do a simple thing. I want to display all the images of a directory on a single page
    with the checkbox next to each image, so that i can select multi images and i can delete selected
    images. Following few lines of code display the images of a directory.. i need help to put the
    check boxes with each image. and I dont understand how can i select multi images with check box and
    then delete them. I hope someone can help. thanks. CODE $path = "./"; $dir_handle =
    @opendir($path) or die("Unable to open folder"); while (false !== ($file = readdir($dir_han....
  3. My Code Doesnt Resize Large Images, Please Help.
    (2)
    Can someone please have a look at the following code, this uploads an image, and make it in 2 sizes,
    one size is max. 600 x 800, uploads to images folder and second 120 x 120 and uploads to thumbs
    folder. this script works fine, with normal size images, but if i try to upload large pics( for
    example, an image with dimension 2432 x 3300, it shows blank page, and uploads the original image
    without sizing to "image" folder, and doesnt make any small thumbnail... I hope u understand..
    Please someone help me, i shall be so thankful. session_start(); header("Cache-contro....
  4. Securing A Php Script Proccessing Input
    I need help and advice (7)
    Hi everyone I like to experiment with php, been doing so for about a year but im not clued up on
    security yet, i can use str_replace() to take out parts of strings i dont want like html and JS code
    inserted by users, and i know how to use stripslashes to take out slashes from input strings but
    this doesnt seem to be lock-tight security to me. There has to be something more to protect my
    scripts against malicious users. I belive its possible to use the "or_die()" function for
    connecting to an sql table to prevent the error messages being shown to users, as error message....
  5. Question: Securing A Website For Beginners
    (1)
    I don't really understand 'bout it. What kind of security we have to make to hold our web
    secure. Only log in features? how bout 'deface' method? how does it work? thx in advance
    Please use detailed topic title. ....
  6. Can You Add Images Into A Mysql Database?
    Using Php? (21)
    I'm learning php in class right now, but I'm still not that good at it, what I'm
    wondering is when I write the php so that it can connect with a database, can I at the same time
    have it that it is able to display back images that I choose. Like, I want a search feature, where
    you can search for a keyword, and it will bring back a list of all the possible entries with that
    keyword, but each of these entries will have a photo associated with it. Now, do I put these image
    files directly into the database, or do I write the code to link them from my files to th....
  7. How To Create Images?
    (3)
    How can i create images (using php) of 128x128 by giving some types of background... and users can
    write text on the background... /blink.gif' border='0' style='vertical-align:middle'
    alt='blink.gif' /> QUOTE you can take example from the followinbg site:
    http://zedge.no/?side=navnelogo ....
  8. Securing Pages
    (2)
    just wondering if there is a easy safe way to secure some webpages. i have a payment facility on my
    site which is linked through paypal. when the member has paid they are taken back to my site "thanks
    your payment has been successful page", once its went to this page the item is no longer listed on
    my site. now i have found away people can mess with this using the url. this means people can
    change just a few digits in the url and and mess the listings up on my site. after payment has been
    made the member is redirected to:- mydomain.com/class/thanks_paypal.php?myprod_....
  9. Including Php-made Images In A Page?
    (5)
    Say you have this script that makes an image, and you want to include it in another page. Would you
    just use ? I'd test it right now, but all my PHP image stuff is on my school's server,
    which is currently down.....
  10. Vote Script Help
    images as a result? (1)
    I made a vote poll script, and it work fine with results in numers or %, but i want to show images
    as a result. Is that possible? For example like voting poll in this forum. I tried something but
    that couldnt work. Someone?....
  11. Refreshing Images
    (1)
    I've got a script that generates a graph by creating it as a .png file (I can't output the
    image directly to the browser because of the way I need to generate the data). This all works ok
    however, in order to keep the data managable I've set a limit so that it only displays 12 months
    data at a time. The problem I have is that when I click on the next button to display the next set
    of data, the graph remains the same until you refresh the browser. I've tried using unlink() to
    delete the image file forcing the script to re-generate it when the script is r....



      12. why store images above webroot

      Looking for securing, images






*SIMILAR VIDEOS*
Searching Video's for securing, images
Watch the latest videos on YouTube.com

*MORE FROM TRAP17.COM*
advertisement



Securing Images