westman Posted September 29, 2012 Share Posted September 29, 2012 how do i hide my image url?if a user right clicks on a preview image i am selling they will see this link... http://mysite.com/pic/1/1.jpg and the image i am selling is... http://mysite.com/pic/1/2.jpg i have 100's of images and there folder names run from 1 to 200 and in each file there is 2 images 1.jpg and 2.jpg how can i stop my users from stealing my images by finding out my filing system? Link to comment Share on other sites More sharing options...
birbal Posted September 29, 2012 Share Posted September 29, 2012 either use .htaccess to prevent direct file accessing. or put your image outside webroot and fetch those images using readfile() or any image manipulation library (depending upon your needs) and serve with appropiate header when certain condition met. Link to comment Share on other sites More sharing options...
westman Posted September 29, 2012 Author Share Posted September 29, 2012 how do i use .htaccess to prevent direct file accessing?i tried it in some script before and i could not control it, and in the end i could not access to a file as the admin of the site Link to comment Share on other sites More sharing options...
kanchatchai Posted September 29, 2012 Share Posted September 29, 2012 to protect image dir use php to read image fileand use (example) <img src="showimage.php?imageid=1"?> to protect file in folder use .haccess code sample RewriteRule ^(pic/.*)$ index.php [L,QSA] #protect All Files In /pic/*.* Link to comment Share on other sites More sharing options...
Ingolme Posted September 29, 2012 Share Posted September 29, 2012 Actually, put all the images in one folder. The htaccess of the folder only has to have this: Order Allow DenyDeny From All This prevents HTTP access but allows PHP access.PHP can load and display the image content using file_get_contents(), so you can tell it to do that only if the user is logged in and has paid. Link to comment Share on other sites More sharing options...
westman Posted September 29, 2012 Author Share Posted September 29, 2012 ok i used... Order Allow DenyDeny From Alland that seems to be working ok, but i did not understand ... <img src="showimage.php?imageid=1"?>or a way php can show the image to the user Link to comment Share on other sites More sharing options...
birbal Posted September 29, 2012 Share Posted September 29, 2012 it is php page which can generate image and serve it with appropiate headers Link to comment Share on other sites More sharing options...
westman Posted September 29, 2012 Author Share Posted September 29, 2012 i understand that i am using a php file but this code i do not get...<img src="showimage.php?imageid=1"?>or a way php can show the image to the user Link to comment Share on other sites More sharing options...
birbal Posted September 29, 2012 Share Posted September 29, 2012 in showimage.php you will print the image content which is binary data (jpeg,png,gif). when you send appropiate header with that content, browser will treat it like image and render it. wha happends when you use img tag is browser call that php page and render the image as it would do with image extensiion file. Link to comment Share on other sites More sharing options...
westman Posted September 29, 2012 Author Share Posted September 29, 2012 speaking about...<img src="showimage.php?imageid=1"?>could i have a code example on showimage.php so i can understand better Link to comment Share on other sites More sharing options...
kanchatchai Posted September 30, 2012 Share Posted September 30, 2012 (edited) test of showimage.php <?PHPheader("Content-type: image/jpeg");echo file_get_contents("test.jpg");?> .htaccess # Don't show directory listings for URLs which map to a directory.Options -Indexes# Make handle any 404 errors.# Set the default handler.DirectoryIndex index.phpRewriteRule ^(pic/.*)$ index.php [L,QSA] #protect All Files In /pic/*.* fox idia work better because can protect .jpg filepic/.htaccess Order Allow DenyDeny From AllRewriteRule ^(*.*)$ index.php [L,QSA] #protect All Files In *.* Edited September 30, 2012 by kanchatchai Link to comment Share on other sites More sharing options...
birbal Posted September 30, 2012 Share Posted September 30, 2012 putin it outside webroot will work too. which means by any means it is not accessible to public but accessible to php. .htaccess files need to parse on each request thus it affect little bit on performance. It is always recomened if ithere is option for alternative of .htaccess should use that (like if you have access to httpd.conf it is better to set there rather than .htaccess.. similarly, in this case where there is option for doing the same job without .htaccess. i would choose that. Link to comment Share on other sites More sharing options...
westman Posted September 30, 2012 Author Share Posted September 30, 2012 i tried it but id did not work,my code looks like this.... index.php <img src="image.php"> image.php header("Content-type: pics/2/2");echo file_get_contents("pics/2/2.jpg"); Link to comment Share on other sites More sharing options...
kanchatchai Posted September 30, 2012 Share Posted September 30, 2012 header("Content-type: image/jpeg");// not changechange only filename in file_get_contents Link to comment Share on other sites More sharing options...
westman Posted September 30, 2012 Author Share Posted September 30, 2012 its still not working, i used... <?phpheader("Content-type: image/jpeg");echo file_get_contents("pics/2/2.jpg");?> Link to comment Share on other sites More sharing options...
Ingolme Posted September 30, 2012 Share Posted September 30, 2012 its still not working, i used...<?phpheader("Content-type: image/jpeg");echo file_get_contents("pics/2/2.jpg");?> Check that the file path is correct. If you remove the header() line and open that file in the browser you can check for error messages. Link to comment Share on other sites More sharing options...
westman Posted September 30, 2012 Author Share Posted September 30, 2012 ok lol thank youyer it was the path that was incorrectsuch i simple bit of code can stop a full site from working like a line break lolthis php stuff is fun Link to comment Share on other sites More sharing options...
kanchatchai Posted October 1, 2012 Share Posted October 1, 2012 (edited) to header all of filetype with auto check work:) <?php/*credithttp://php.net/manual/en/function.mime-content-type.php#84361*/ if(!function_exists('mime_content_type')) { function mime_content_type($filename) { { preg_match("|\.([a-z0-9]{2,4})$|i", $filename, $fileSuffix); switch(strtolower($fileSuffix[1])) { case "js" : return "application/x-javascript"; case "json" : return "application/json"; case "jpg" : case "jpeg" : case "jpe" : return "image/jpg"; case "png" : case "gif" : case "bmp" : case "tiff" : return "image/".strtolower($fileSuffix[1]); case "css" : return "text/css"; case "xml" : return "application/xml"; case "doc" : case "docx" : return "application/msword"; case "xls" : case "xlt" : case "xlm" : case "xld" : case "xla" : case "xlc" : case "xlw" : case "xll" : return "application/vnd.ms-excel"; case "ppt" : case "pps" : return "application/vnd.ms-powerpoint"; case "rtf" : return "application/rtf"; case "pdf" : return "application/pdf"; case "html" : case "htm" : case "php" : return "text/html"; case "txt" : return "text/plain"; case "mpeg" : case "mpg" : case "mpe" : return "video/mpeg"; case "mp3" : return "audio/mpeg3"; case "wav" : return "audio/wav"; case "aiff" : case "aif" : return "audio/aiff"; case "avi" : return "video/msvideo"; case "wmv" : return "video/x-ms-wmv"; case "mov" : return "video/quicktime"; case "zip" : return "application/zip"; case "tar" : return "application/x-tar"; case "swf" : return "application/x-shockwave-flash"; default : if(function_exists("mime_content_type")) { $fileSuffix = mime_content_type($filename); } return "unknown/" . trim($fileSuffix[0], "."); } }}}$file_path="pics/";//$filename="2/2.bmp";$filename="2/2.jpg";header("Content-type: ".mime_content_type($file_path.$filename));echo file_get_contents($file_path.$filename);?> Edited October 1, 2012 by kanchatchai Link to comment Share on other sites More sharing options...
westman Posted October 3, 2012 Author Share Posted October 3, 2012 that's cool,i am now trying to download my hidden images i tried... $down_file = "http://mysite.com/images/pics/3.jpg";header("Content-Disposition: attachment; filename=pic.jpg");readfile($down_file); but it did not work, any help? Link to comment Share on other sites More sharing options...
Don E Posted October 3, 2012 Share Posted October 3, 2012 (edited) Try adding this between $down_file = "http://mysite.com/images/pics/3.jpg"; and header("Content-Disposition: attachment; filename=pic.jpg"); : header('Content-Description: File Transfer');header('Content-Type: image/jpeg'); If still doesn't work, make sure path is correct and/or fopen wrappers have been enabled in the php.ini file. Edited October 3, 2012 by Don E Link to comment Share on other sites More sharing options...
westman Posted October 3, 2012 Author Share Posted October 3, 2012 (edited) no it did not work i got this error...Warning: Cannot modify header information - headers already sent by (output started at /home/content/31/9408631/html/index.php:91) in/home/content/31/9408631/html/adult/index.php on line 681 Warning: Cannot modify header information - headers already sent by (output started at /home/content/31/9408631/html/index.php:91) in/home/content/31/9408631/html/index.php on line 682 Warning: Cannot modify header information - headers already sent by (output started at /home/content/31/9408631/html/index.php:91) in/home/content/31/9408631/html/index.php on line 683 Warning: readfile(http://mysite.com/images/pics/3.jpg) [function.readfile]: failed to open stream: HTTP request failed! HTTP/1.1 500 Internal Server Error in/home/content/31/9408631/html/index.php on line 684 Edited October 3, 2012 by westman Link to comment Share on other sites More sharing options...
Ingolme Posted October 3, 2012 Share Posted October 3, 2012 output started at /home/content/31/9408631/html/index.php:91You should check that nothing has been sent to the client already. Headers should be the very first thing you send to the client. You should give a local file path, not one with the http protocol, to the readfile() function.For example: readfile('pics/3.jpg'); Link to comment Share on other sites More sharing options...
westman Posted October 3, 2012 Author Share Posted October 3, 2012 no its still not working, can i download an image without using header() ? Link to comment Share on other sites More sharing options...
justsomeguy Posted October 3, 2012 Share Posted October 3, 2012 You need to send headers to tell the browser what to do. The problem is that you have output on your page, and you shouldn't be outputting anything until you send the headers and read the file. Line 91 in the index.php file contains output that is causing the headers to fail when you try to send them on line 681. The problem is not the headers, the problem is the output on line 91. It sounds like you're trying to do too much in one file, maybe consider having a standalone download script without all of the other code. Link to comment Share on other sites More sharing options...
westman Posted October 3, 2012 Author Share Posted October 3, 2012 the 1st line of code i have in my main script is...session_start();can i get a code example of a standalone download script and how it gets called in a main page script please, maybe that would help. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now