Keeping images secure

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
bradles
Forum Commoner
Posts: 89
Joined: Wed Jun 30, 2004 10:40 pm

Keeping images secure

Post by bradles »

I have the following folders on my host server.

etc
mail
public_ftp
public_html
tmp
www

Apparently everything I put in "public_html" will be seen by online viewers as my site. As I want to have clients access their images via a password system, someone advised me to have a folder outside this to store the images and have php load the images via a path to that folder...that way no unauthorised access can happen.

If I was to do this, do I just add another folder to the folders here. Example, add the folder /Clients/Weddings/Smith/

As you can see I am fairly new to PHP...but I want to do it properly.
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Post by John Cartwright »

yea that can get ugly though,

I would recommend using .htaccess to password protect directories.
bradles
Forum Commoner
Posts: 89
Joined: Wed Jun 30, 2004 10:40 pm

Post by bradles »

please forgive my lack of knowledge on this topic. In what way does it get ugly?
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Post by John Cartwright »

as you can see those files are "system files" like mail, I wouldn't recommend mixing up these folders with user folders. What's wrong with putting them in public_html/ or www/ with a simple password?
crabyars
Forum Commoner
Posts: 37
Joined: Thu Jun 17, 2004 8:24 pm

Post by crabyars »

Agreed with Phenom, .htaccess is probably the only way to go for full protection. (short of some kind of secure activeX / java viewer) It is a pain I know.
bradles
Forum Commoner
Posts: 89
Joined: Wed Jun 30, 2004 10:40 pm

Post by bradles »

so .htaccess is just using the password protection supplied in my cpanel?
Post Reply