SitePoint Sponsor

User Tag List

Results 1 to 10 of 10
  1. #1
    SitePoint Enthusiast
    Join Date
    Jul 2009
    Location
    Austria
    Posts
    43
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    hide some photos of a gallery

    hello

    how can I hide files?

    I have got a website with a photo-gallery. This gallery contains 2 categories of photos.

    category 1:
    photos for everyone
    html-code: <img src="...." />

    category 2:
    adult-photos (18+)
    Only PHP (with GD2) may submit these photos. <img src="..." /> is not allowed.

    My idea:
    2 folders:
    - /photos_img => chmod 644
    - /photos_php => chmod 600

    Is that OK? Is that the best way to hide adult-photos?

    ---

    Maybe another method:

    Create a .htaccess-file:
    - deny access to all php_...-photos (for example php_user23_photo1.jpg)
    - allow access to all img_...-photos

  2. #2
    SitePoint Evangelist Waffles's Avatar
    Join Date
    Nov 2005
    Posts
    435
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    well if you have some kind of login system for site users, then simply make like two "levels", one that can view all pictures, one that cannot, then just simply:

    PHP Code:
    if($validUser) {
     
    //display restricted content
    } else {
     
    //you cant see these photos!

    using .htaccess etc would over complicate what is essentially an if statement.

  3. #3
    SitePoint Enthusiast
    Join Date
    Jul 2009
    Location
    Austria
    Posts
    43
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Iīve already finished my php-programm. Thatīs not the problem. There is a login. Everyone who is at least 18, can watch the adult-photos.

    The problem is: at the moment everyone can view all adult-photos, if the user knows the url.

  4. #4
    SitePoint Addict
    Join Date
    Oct 2008
    Posts
    295
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    So you can get the user age from them when they login. Store that age for example in session when they do login. Then just when user tries to see the images you check his age from session variable, and if its over 18 you show all images, if not you show only some images. Pretty much the same way as Waffles already said. This way it does not matter if the user knows the url or not because he must be valid to see the images.

    When you chmod the dirs, its the same for all people outside your box (all visitors). Everyone see everything or everyone see nothing pretty much.

  5. #5
    SitePoint Enthusiast
    Join Date
    Jul 2009
    Location
    Austria
    Posts
    43
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    So you can get the user age from them when they login. Store that age for example in session when they do login. Then just when user tries to see the images you check his age from session variable, and if its over 18 you show all images, if not you show only some images.
    I&#180;ve already done this.

    But a user (member) could copy the url of a adult-photo and paste it on an other homepage. So finally everyone could see this photo without a login.

  6. #6
    SitePoint Wizard bronze trophy
    Join Date
    Jul 2006
    Location
    Augusta, Georgia, United States
    Posts
    4,194
    Mentioned
    17 Post(s)
    Tagged
    5 Thread(s)
    Store the photographs outside the site root then you can manage access based on the user permissions. It appears as if you would have a basic permission and adult permission. Then only serve up adult photos when the session for a user exists and has the allowed permission to view those types of photos.

  7. #7
    SitePoint Mentor silver trophy
    Rubble's Avatar
    Join Date
    Dec 2005
    Location
    Cambridge, England
    Posts
    2,443
    Mentioned
    82 Post(s)
    Tagged
    3 Thread(s)
    If you save the image as a non standard one for example .miff most computers and browsers will not display it.

    When you display the image use some code to convert it to a viewable .jpg "on the fly".

    This can probably be done with ImageMagick and only people can access the viewable page.

    I do not know how much time it would take to display the image and you would need to work out the exact method.

  8. #8
    SitePoint Enthusiast
    Join Date
    Jul 2009
    Location
    Austria
    Posts
    43
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Store the photographs outside the site root
    I don&#180;t think, that providers allow this.
    If you save the image as a non standard one for example .miff
    But the browser downloads the photo. The photo is saved on the computer. The user could rename the file and open it. Using a non-standard-extension is not a protection.

  9. #9
    SitePoint Mentor silver trophy
    Rubble's Avatar
    Join Date
    Dec 2005
    Location
    Cambridge, England
    Posts
    2,443
    Mentioned
    82 Post(s)
    Tagged
    3 Thread(s)
    But the browser downloads the photo. The photo is saved on the computer. The user could rename the file and open it. Using a non-standard-extension is not a protection.
    That would be a problem with any image I think you are after the impossible.

    Look at : http://www.rubblewebs.co.uk/TESTS/example.php
    The first image is the miff one and the second is the dynamic version. You can write some code so only logged in users can see the jpg version.

  10. #10
    SitePoint Enthusiast
    Join Date
    Jul 2009
    Location
    Austria
    Posts
    43
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    test.miff and display.php are the same photos. It&#180;s no problem to open test.miff, if imagemagic is installed


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •