[PHP] Strategy to protect images
Hi all, i have to forbid users of my site to view images directly (i.e. writing the image URL in the address bar) but they'd be able viewing them from the pages of the site. What's the best way of doing it, or something similar? Is there a common strategy using PHP? Thank you for any hint :-) Ciao, Stefano -- Email.it, the professional e-mail, gratis per te: http://www.email.it/f Sponsor: VOGLIA DI VACANZE ? * A Riccione i Family Hotels sono gli alberghi specializzati per le vacanze dei bambini Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=7984&d=15-6 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Strategy to protect images
Yes... you can do it. Instade of direct url image, use the url of a php script written(algorithm) below.. --- Nirmalya Lahiri [+91-9433113536] --- On Sun, 6/15/08, Stefano Esposito <[EMAIL PROTECTED]> wrote: > From: Stefano Esposito <[EMAIL PROTECTED]> > Subject: [PHP] Strategy to protect images > To: php-general@lists.php.net > Date: Sunday, June 15, 2008, 5:18 PM > Hi all, > > i have to forbid users of my site to view images directly > (i.e. > writing the image URL in the address bar) but they'd be > able viewing > them from the pages of the site. What's the best way of > doing it, or > something similar? Is there a common strategy using PHP? > Thank you for > any hint :-) > > Ciao, > Stefano > > > -- > Email.it, the professional e-mail, gratis per te: > http://www.email.it/f > > Sponsor: > VOGLIA DI VACANZE ? > * A Riccione i Family Hotels sono gli alberghi > specializzati per le vacanze dei bambini > Clicca qui: > http://adv.email.it/cgi-bin/foclick.cgi?mid=7984&d=15-6 > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Strategy to protect images
I am not familiar with this bit of http. It looks like something I want to explore. Can you send html as well as just the image? Thanks Stephen Nirmalya Lahiri wrote: Yes... you can do it. Instade of direct url image, use the url of a php script written(algorithm) below.. --- Nirmalya Lahiri [+91-9433113536] --- On Sun, 6/15/08, Stefano Esposito <[EMAIL PROTECTED]> wrote: From: Stefano Esposito <[EMAIL PROTECTED]> i have to forbid users of my site to view images directly (i.e. writing the image URL in the address bar) but they'd be able viewing them from the pages of the site. What's the best way of doing it, or something similar? Is there a common strategy using PHP? Thank you for any hint :-) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Strategy to protect images
On Sun, Jun 15, 2008 at 8:51 AM, Stephen <[EMAIL PROTECTED]> wrote:
> I am not familiar with this bit of http. It looks like something I want to
> explore.
>
> Can you send html as well as just the image?
>
> Thanks
> Stephen
>
> Nirmalya Lahiri wrote:
>
>> Yes... you can do it. Instade of direct url image, use the url of a php
>> script written(algorithm) below..
>>
>> > /*
>> Write down the code to check
>> authentication of users
>> if( unauthorise user )
>> then exit from code
>> */
>>
>> /* Read the image data from file */
>> header('Content-type: image/jpeg');
>> /* echo the raw image data */
>> ?>
>>
>>
>> ---
>> Nirmalya Lahiri
>> [+91-9433113536]
>>
>>
>> --- On Sun, 6/15/08, Stefano Esposito <[EMAIL PROTECTED]> wrote:
>>
>>
>>
>>> From: Stefano Esposito <[EMAIL PROTECTED]>
>>>
>>> i have to forbid users of my site to view images directly
>>> (i.e.
>>> writing the image URL in the address bar) but they'd be
>>> able viewing
>>> them from the pages of the site. What's the best way of
>>> doing it, or
>>> something similar? Is there a common strategy using PHP?
>>> Thank you for
>>> any hint :-)
>>>
>>>
>>>
>>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
No, the content type directive is only for the image
--
Bastien
Cat, the other other white meat
Re: [PHP] Strategy to protect images
At 1:48 PM +0200 6/15/08, Stefano Esposito wrote: Hi all, i have to forbid users of my site to view images directly (i.e. writing the image URL in the address bar) but they'd be able viewing them from the pages of the site. What's the best way of doing it, or something similar? Is there a common strategy using PHP? Thank you for any hint :-) Ciao, Stefano Stefano: As for protecting images, when a user views an image, they have it in their browser. Its' usually a simple process for users to drag and drop the image to their desktop so they can view it anytime they want. You can slow them down by making it a bit more complicated, like so: http://webbytedd.com/b/protect-image/ But, a sophisticated user will find a way around that. The typical way to protect pictures is to provide them as thumbnails and when viewed normal size, then add a watermark (copyright notice or other such image alteration) to the picture, like so: http://webbytedd.com/b/watermark/ Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Strategy to protect images
But, a sophisticated user will find a way around that. A less sophisticated one will use the PrintScr key... :-) -- Richard Heyes Employ me: http://www.phpguru.org/cv ++ | Access SSH with a Windows mapped drive | |http://www.phpguru.org/sftpdrive| ++ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Canvas examples
Does anyone have any more examples of the new canvas element they've written? FF only: http://www.phpguru.org/canvas.html -- Richard Heyes Employ me: http://www.phpguru.org/cv ++ | Access SSH with a Windows mapped drive | |http://www.phpguru.org/sftpdrive| ++ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Canvas examples
On 6/15/08, Richard Heyes <[EMAIL PROTECTED]> wrote: > > Does anyone have any more examples of the new canvas element they've > written? > > FF only: http://www.phpguru.org/canvas.html > > -- That's very cool, Richard. --David.
Re: [PHP] Canvas examples
That's very cool, Richard. Well, thanks, but I wouldn't call it "very cool". Now a graphing library that output the results using a canvas, thus negating the need for JPGraph would definitely be nice. Or you could just use JPGraph and get to the pub earlier... :-) -- Richard Heyes Employ me: http://www.phpguru.org/cv ++ | Access SSH with a Windows mapped drive | |http://www.phpguru.org/sftpdrive| ++ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Strategy to protect images
This is how I do it:
1) put image files in folder that is not accessable from browser, like
outside of http root dir.
2) in the img src tag point src to script like src="/image.php?imageID=$someID">
where $someID is the id of image or name of image you want user to see
3) the image.php script will have the function to make sure that user
has right to access the image, for example the user is logged in.
if user has the right to view the image then do something like this:
$pathtoimage is the full path you have to calculate based on image name
or imageID
$strFile = file_get_contents($pathtoimage);
if($strFile)
{
header('Content-type: image/jpeg' );
echo $strFile;
}
Stefano Esposito wrote:
Hi all,
i have to forbid users of my site to view images directly (i.e.
writing the image URL in the address bar) but they'd be able viewing
them from the pages of the site. What's the best way of doing it, or
something similar? Is there a common strategy using PHP? Thank you for
any hint :-)
Ciao,
Stefano
--
Email.it, the professional e-mail, gratis per te: http://www.email.it/f
Sponsor:
VOGLIA DI VACANZE ?
* A Riccione i Family Hotels sono gli alberghi specializzati per le vacanze dei bambini
Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=7984&d=15-6
--
Open Source ALL content management
with streaming video
http://wiki.sharedlog.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Canvas examples
Richard Heyes wrote: Does anyone have any more examples of the new canvas element they've written? FF only: http://www.phpguru.org/canvas.html This is a pretty interesting use of Canvas as well. Thanks for sharing! http://ejohn.org/blog/processingjs/ -- Ray Hauge www.primateapplications.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] extension=mssql.so vs. ;extension=php_mssql.dll
Hi, I am not sure what is exactly the problem with my configurations while I am trying to configure Apache, PHP and FreeTDS throughout my attempts to install these packages into my Linux. It appears that I am doing everything correctly as I am going through listservs, forums and online articles for the configurations, but there is something that goes wrong. So far I have noticed that in my phpinfo() page, I still don't see the mssql packages listed as I should have. Some things I need to be clarified: 1. I noticed that in http://us.php.net/mssql, it mentioned how we are supposed to add extension=mssql.so in the php.ini file, while in other places I was told to uncomment extension=php_mssql.dll. It appears that this did not give me the right configurations, still, even though the installation did suggest that mssql support is yes. 2. I used the following to configure my PHP AFTER I had installed and compiled FreeTDS like most of you said, ./configure --with-mssql=/usr/local/freetds --prefix=/usr/local/php, but every single time, it gives me this: Directory /usr/local/freetds is not a FreeTDS installation directory Could this signify the reason why I cannot see PHP configured with MSSQL connection? If yes, why is it possible that the support for MSSQL in the php.ini file has been commented out? Thanks in advance. --- Alice Wei MIS 2009 School of Library and Information Science Indiana University Bloomington [EMAIL PROTECTED]
Re: [PHP] Strategy to protect images
At 4:11 PM +0100 6/15/08, Richard Heyes wrote: But, a sophisticated user will find a way around that. A less sophisticated one will use the PrintScr key... :-) -- Richard Heyes Must be a windozes thing. :-) Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Canvas examples
This is a pretty interesting use of Canvas as well. Thanks for sharing! http://ejohn.org/blog/processingjs/ This is very nice. -- Richard Heyes Employ me: http://www.phpguru.org/cv ++ | Access SSH with a Windows mapped drive | |http://www.phpguru.org/sftpdrive| ++ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Strategy to protect images
Must be a windozes thing. :-) I guess so. PrintScr takes a snapshot of the current screen, ie a screenshot and places it on the clipboard. Then you simply paste into something like Paint and save it. -- Richard Heyes Employ me: http://www.phpguru.org/cv ++ | Access SSH with a Windows mapped drive | |http://www.phpguru.org/sftpdrive| ++ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Strategy to protect images
At 7:35 PM +0100 6/15/08, Richard Heyes wrote: Must be a windozes thing. :-) I guess so. PrintScr takes a snapshot of the current screen, ie a screenshot and places it on the clipboard. Then you simply paste into something like Paint and save it. -- Richard Heyes ` Oh that -- in Mac-land we have as well. Plus we have a way to save any part of a screen shot. But I was talking about drag and drop from the browser window that will allow the user to get the original image and not just the screen shot of the image, which may be a different size. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PHP session expiring too early?
I am experiencing a strange bug after upgrading to PHP 5.2.4 with the Zend Optimizer 3.3.3. In two of our locally-hosted web applications, NolaPro and SugarCRM, the login sessions are expiring after 5 minutes of inactivity and I cannot figure why. The relevant values from my /etc/php.ini file are as follows: session.save_path = /var/lib/php session.use_cookies = 1 session.cookie_lifetime = 0 session.auto_start = 0 session.cookie_path = / session.cookie_domain = session.gc_maxlifetime = 1440 session.cache_limiter = nocache session.cache_expire = 180 /var/lib/php is set to 777 permissions. There is a cron job in /etc/cron.d/php: 09,39 * * * * root [ -d /var/lib/php ] && find /var/lib/php/ -type f -mmin +$(/usr/lib64/php/maxlifetime) -print0 | xargs -r -0 rm The script /usr/lib64/php/maxlifetime outputs the value "24" which is consistent with the value in the php.ini file. There are no .htaccess files in the root directories for either of the applications. Does anyone know what else could be causing this problem? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Strategy to protect images
On Sunday 15 June 2008 14:25:36 Nirmalya Lahiri wrote:
> Yes... you can do it. Instade of direct url image, use the url of a php
> script written(algorithm) below..
>
> /*
> Write down the code to check
> authentication of users
> if( unauthorise user )
> then exit from code
> */
>
> /* Read the image data from file */
> header('Content-type: image/jpeg');
> /* echo the raw image data */
> ?>
I used this method to put out images, some of witch was our own that had to be
watermarked and the rest just echoed.
Then I didn't have to care if someone just addressed site.com/images?id=2
or just site.com/index.php
I got credit for my own images.
Watermarking must be one of the best hinderance to keep ppl from using their
images without asking. Of course not putting them out at all, should be
considered.
Heh while on topic, if for one reason you _need_ to have visitors on your site
and not just the shortcuts to the important stuff(?), you probably do that
for comercial reasons, witch implies a login system, witch would make denying
access easy. =D
For a ad bogged down site, witch also would like to hinder guest to access
material their prefered way yeah well, Hope they go backrupt
>
>
> ---
> Nirmalya Lahiri
> [+91-9433113536]
>
> --- On Sun, 6/15/08, Stefano Esposito <[EMAIL PROTECTED]> wrote:
> > From: Stefano Esposito <[EMAIL PROTECTED]>
> > Subject: [PHP] Strategy to protect images
> > To: php-general@lists.php.net
> > Date: Sunday, June 15, 2008, 5:18 PM
> > Hi all,
> >
> > i have to forbid users of my site to view images directly
> > (i.e.
> > writing the image URL in the address bar) but they'd be
> > able viewing
> > them from the pages of the site. What's the best way of
> > doing it, or
> > something similar? Is there a common strategy using PHP?
> > Thank you for
> > any hint :-)
> >
> > Ciao,
> > Stefano
> >
> >
> > --
> > Email.it, the professional e-mail, gratis per te:
> > http://www.email.it/f
> >
> > Sponsor:
> > VOGLIA DI VACANZE ?
> > * A Riccione i Family Hotels sono gli alberghi
> > specializzati per le vacanze dei bambini
> > Clicca qui:
> > http://adv.email.it/cgi-bin/foclick.cgi?mid=7984&d=15-6
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
--
---
Børge Holen
http://www.arivene.net
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHPMailer not working but Squirell mail works
i just dont know if this may help... but Im 90%sure SquirrelMail uses IMAP to connect with the server also, phpmailer should give you an error code and error string, can you paste here? saludos On Fri, Jun 13, 2008 at 8:55 PM, Iv Ray <[EMAIL PROTECTED]> wrote: > Shiplu wrote: >> >> In my web server, I cant send mail by PHPMailer. > > What does this mean? > > Do you get an error message, etc.? > > Iv > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- Los sabios buscan la sabiduría; los necios creen haberla encontrado. Gabriel Sosa -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Does PHP support utf16 encode / decode
Hi, I know PHP supports utf8 encode/decode, but does it support utf16 encode/decode? If yes, would you please point me a php manual URL? Thank you. Jim -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Does PHP support utf16 encode / decode
hce wrote: > Hi, > > I know PHP supports utf8 encode/decode, but does it support utf16 > encode/decode? If yes, would you please point me a php manual URL? It's listed as supported under the mbstring functions here: http://www.php.net/manual/en/mbstring.supported-encodings.php -- Postgresql & php tutorials http://www.designmagick.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Apache RewriteRule Help!!!!
El Fri, 13 Jun 2008 10:23:29 -0400
"Daniel Brown" <[EMAIL PROTECTED]> escribió:
> You can start by asking your question on an Apache list. This has
> nothing to do with PHP. ;-P
>
> To answer your question, use this in your .htaccess file:
>
> RewriteCond %{SCRIPT_FILENAME} index
> RewriteCond %{QUERY_STRING} ^[a-zA-Z0-9]
> RewriteRule .* http://www.yourdomain.com/404.php [L]
>
> Next time, though, please try to ask questions on the appropriate
> lists.
>
I did write to the apache users list at the same time more or less and
still waiting a reply :'(
---
.-.
| Miguel J. Jiménez |
| Sector Público, ISOTROL S.A.|
| [EMAIL PROTECTED] |
:-:
| KeyID 0xFFE63EC6 hkp://pgp.rediris.es:11371 |
:-:
| Edificio BLUENET, Avda. Isaac Newton nº3, 4ª planta.|
| Parque Tecnológico Cartuja '93, 41092 Sevilla (ESP).|
| Tlfn: +34 955 036 800 (ext.1805) - Fax: +34 955 036 849 |
| http://www.isotrol.com |
:-:
| UTM ED-50 X:765205.09 Y:4144614.91 Huso: 29 |
:-:
| "Me dijeron: 'instala Windows, se listo'; así que |
| instalé primero Windows y luego fui listo y lo borré|
| para instalar Linux"|
'-'
signature.asc
Description: PGP signature
Re: [PHP] Does PHP support utf16 encode / decode
On Mon, Jun 16, 2008 at 3:59 PM, Chris <[EMAIL PROTECTED]> wrote: > hce wrote: >> Hi, >> >> I know PHP supports utf8 encode/decode, but does it support utf16 >> encode/decode? If yes, would you please point me a php manual URL? > > It's listed as supported under the mbstring functions here: > > http://www.php.net/manual/en/mbstring.supported-encodings.php Thanks Chris for the link, PHP has utf8_encode and utf8_decode. Does PHP provide utf16_encode and utf16_decode, or the mbstring has different functions to encode and decode utf16? Thank you. Jim -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
