File Protection?

[Lengo]

I need three protection devices. I've seen one of these, and haven't seen the other two. I have a work around for one of these, but am uncertain that this is the best approach. On the other two, I have no clue how these are done. Can somebody help?The first is one I've seen. If a photo or picture is displayed, right clicking to save the image results in a message "this file is protected by copyright -- you cannot download it", or the right click menu is disabled. How do I do this?The second involves music files. I want to use Object/Embed code to display a player, but want to disallow any other access to the .m3u file and files listed in the .m3u file. In other words, I don't want people to view a page's source, find the name of the .m3u, then directly access this file by pointing their browser directly to the url. In other words, I want access restricted to a referring page. If the referrer is correct, the m3u will load into the object/embedded item, but going directly to this .m3u file would be probhibited. How do I do this?Also, regarding the one I have a work-around for, I know how to put up an index page for a directory so that file names won't be listed. The index page would say "forbidden". Is there a better way? Thanks.

[Ingolme]

You can't protect anything on your page. The rule is: if it can be displayed on the browser it can be saved by the user.There are right-click detecting scripts, but a user can deactivate Javascript, or look through the cached page information on his computer, or press the "print screen" button if he doesn't know a better way.

[jeffman]

I know how to put up an index page for a directory so that file names won't be listed. The index page would say "forbidden". Is there a better way?

Depends on your goal. You can write deny from all in a .htaccess file inside that directory, and that will put up a nasty error message if you haven't supplied a nicer one, and it will also keep snoopers from downloading any files in the directory too. But you won't be able to link to those files in the normal way, either. To make them available, you'd have to access their data through a script and output it with content headers and stuff. But even then, you'd be making them available. Mostly this method is used for securing data, not hiding content files, if you see the difference.

[Lengo]

Depends on your goal. You can write deny from all in a .htaccess file inside that directory, and that will put up a nasty error message if you haven't supplied a nicer one, and it will also keep snoopers from downloading any files in the directory too. But you won't be able to link to those files in the normal way, either. To make them available, you'd have to access their data through a script and output it with content headers and stuff. But even then, you'd be making them available. Mostly this method is used for securing data, not hiding content files, if you see the difference.

Thanks dad. The goal is to make it as difficult as possible. Most people aren't gonna jump through hoops. Most are honest. I know I'm gonna have to do some scripting, but what are these or where are they?Are there any books about designing sites for security? There must be some moderate to advanced books on this subject.

[Ingolme]

Books related to "security" usually would refer to data encryption for databases and text information.Files that are "secure" would be protected with passwords and only accessible to a restricted group of people.That's the only kind of security you're going to be taught in books about web languages.Have it clear: There is no way to show a file to somebody without allowing them to save it on their computer.If you're looking for a no-right-click script, there are several of them here:http://www.javafile.com/websitetool.phpTwo warnings:1. I can't ensure their cross-browser compatibility2. I can assure you I can easily get around all of them.

[jeffman]

On the Mac we just drag pics to the desktop. The easiest way to prevent that is to make the pic a background image if you can. If it's already in a div, make it the bg of the div. If not, put a div there, make it the image size, and make the image the bg.It is also possible to put a transparent div over an image so that the pointer doesn't touch the pic.Hoops, as you say.

[jesh]

If you're just trying to add some hoops, this is one way to use javascript to stop right-mouse-clicking:

document.oncontextmenu = function() { alert("no right clicky!"); return false; }

[justsomeguy]

If you really want to protect content the best way is to use a player for it. You can download a Flash media player that can play things like music, pictures, etc. You can either hardcode a link to the playlist inside the player itself or point the player to a PHP script for the playlist and the script can make sure that it was requested from your page before showing the playlist. Someone can get around even that, but that's about the best you can do.

[Lengo]

Thanks, peoples! I got it. I've tried 'em all, and they all work. This code works best (I think). I don't have Netscape, and I have not installed Firefox yet. I assume that Netscape will work (though, who cares?) and Firefox will work like IE.

<script language=JavaScript><!--//THIS SCRIPT BROUGHT TO YOU BY JAVAFILE.COM//Disable right click script III- By Renigade (renigade@mediaone.net)//For full source code, visit http://www.dynamicdrive.comvar message="";///////////////////////////////////function clickIE() {if (document.all) {(message);return false;}}function clickNS(e) 	{if (document.layers||(document.getElementById&&!document.all)) 	{		if (e.which==2||e.which==3) 			{(message);return false;}}	}if (document.layers) 	{	document.captureEvents(Event.MOUSEDOWN);	document.onmousedown=clickNS;	}else	{document.onmouseup=clickNS;document.oncontextmenu=clickIE;}// --> </script>

The above is code from No Right Click 5 at http://www.javafile.com/websitetool.php Thanks, Ingolme The left mouse button works. I put a link around an image in an IFrame, and you can left click but not right click. The link changes the contents of the IFrame in you left click it. Videos and audio streams will be embedded objects. That should protect them well enoughThe video, music, and graphics directories will have .htaccess files. I think that will do the trick for these. If not, I'll be back!

[Synook]

Netscape doesn't exist any more by the way, so you don't really need to cater for document.layers.Firefox is more like the late Netscape than IE, so clickNS() should work for FF.

[justsomeguy]

Making something an embedded object won't protect anything. Once you publish your page, view the source code of it and you'll be able to see the URLs for all of your images, audio, video, etc. If you type the URL into the browser you can download whatever you want. That's why a player helps.

[thescientist]

The first is one I've seen. If a photo or picture is displayed, right clicking to save the image results in a message "this file is protected by copyright -- you cannot download it", or the right click menu is disabled. How do I do this?Thanks.

On the Mac we just drag pics to the desktop. The easiest way to prevent that is to make the pic a background image if you can. If it's already in a div, make it the bg of the div. If not, put a div there, make it the image size, and make the image the bg.It is also possible to put a transparent div over an image so that the pointer doesn't touch the pic.Hoops, as you say.

If you're just trying to add some hoops, this is one way to use javascript to stop right-mouse-clicking:

document.oncontextmenu = function() { alert("no right clicky!"); return false; }

These all seem good. I making a page for a lady who's trying to market/sell her digital photography, so I want people to be able to see them, but not download them. I guess I could just use photoshop to make a watermark/copyright, but I would rather just not let people be able to right click.

[Ingolme]

These all seem good. I making a page for a lady who's trying to market/sell her digital photography, so I want people to be able to see them, but not download them. I guess I could just use photoshop to make a watermark/copyright, but I would rather just not let people be able to right click.

Don't bother.There are many ways around that. If you're really concerned about keeping images safe watermark them. It's the only way. Right-click blocking scripts are hardly useful. People can screenshot the page, read the source code, check the page information (firefox feature), or simply drag the image to their desktop.

[jesh]

If copyright is truly an issue, as Ingolme mentioned, watermarking is the only way. My buddy works for Digimarc which is a company that offers a watermarking service. The watermarks can be invisible to the human eye.http://www.digimarc.com/mypicturemarc/

[Synook]

You could also just use the GD functions (in PHP) to paste a semi-opaque watermark graphic over all images shown on the site (you could use URL rewriting to make sure all images get passed through your script).

[thescientist]

You could also just use the GD functions (in PHP) to paste a semi-opaque watermark graphic over all images shown on the site (you could use URL rewriting to make sure all images get passed through your script).

that seems cool, but I don't really know anything about PHP yet. The site is pretty low-key, and she just wants it to get here name out so people can see her pictures and get in touch with her about them. I would still like to know about all the various web languages in general for other applications down the road, but not necessarily this one.