Page 1 of 1
prevent image folder access without a username and password
Posted: Mon Dec 20, 2004 7:57 am
by irprog
I am allowing clients to download images by clicking on an icon and downloading the image from a popup window. The problem is that my code authenticates the users id and image id but I can't prevent them from guessing the names of other images in the folder and downloading them too. I cannot password out the folder because the popup requires direct access to the folder.
Posted: Mon Dec 20, 2004 9:42 am
by pickle
Are these images to be available for download? If not, you can just password protect the folder, or move the folder out of the document root, then make a PHP file that opens the image and passes it to the clients browser. So, rather than calling the image, you call this PHP page and it sends the correct image file for you
Posted: Mon Dec 20, 2004 10:53 am
by irprog
They are available for download. I am selling them as photographs so until they are bought they have a watermark. Once purchased a customer can open a popup window from a thumbnail of the image and download the non-watermarked image. Works well but if they look at the properties for the large image they could guess the name of images they haven't paid for and download them by writing the path into the address bar.
Posted: Mon Dec 20, 2004 2:31 pm
by pickle
Well how I'd do it then is in that pop up, just have a link to "image.php?id=324". Then, in image.php, check if the logged in user has bought the picture with id '324' and if they have, let them download it. If not - well, do what you want.
Posted: Mon Dec 20, 2004 6:29 pm
by irprog
I am already doing that. The problem is I allow the purchaser to right click on the image and "save picture as.." . If they look at the image properties they can see where it's stored. If they are smart enough they can paste the URL into the address bar and guess the names of other files. Then they just show in the browser and they can save as many as they want.
Posted: Mon Dec 20, 2004 7:08 pm
by genetix
This would work, whether or not it would work instantly I'm not sure.
Why dont you: (steps)
1. User pays for image
- Script copies image from hidden folder and pastes it with a random number as the name
2. User loads popup
- When the site is done loading the script sends a response back to the server to delete the temporary file.
This would initially only leave the file on the server for a max of like 15 seconds. Would be less if your client had a faster internet connection.
If you want someone to design this for you send me an email:
lshaheen@accesscomm.ca
Posted: Mon Dec 20, 2004 11:32 pm
by timvw
irprog wrote:I am already doing that. The problem is I allow the purchaser to right click on the image and "save picture as.." . If they look at the image properties they can see where it's stored. If they are smart enough they can paste the URL into the address bar and guess the names of other files. Then they just show in the browser and they can save as many as they want.
That is why you should store your images in a non-public (= not accessible by a url) directory.
This way, the only way to refer to the file is through image.php. And there you can perform all the validation you want.
Posted: Tue Dec 21, 2004 9:49 am
by irprog
genetix-how would you know when the user has downloaded the file.
timvw-that would solve the problem of direct access to the folder. I could turn indexing off for that folder but then I'd have to add code to copy from it into a temp folder and I'd still have the same problem as above.
Posted: Tue Dec 21, 2004 9:57 am
by pickle
irprog wrote:I am already doing that. The problem is I allow the purchaser to right click on the image and "save picture as.." . If they look at the image properties they can see where it's stored. If they are smart enough they can paste the URL into the address bar and guess the names of other files. Then they just show in the browser and they can save as many as they want.
If you use image.php, the user would never see the actual location of the images:
Code: Select all
<body>
...
<img src = "image.php?id=335">
...
</body>
If they try and circumvent the system by putting in different ID numbers, then use image.php to do a DB check to see if they're allowed to access that image. If not, then don't output the image.
- Another alternative would be storing the image data itself in a database.
Posted: Tue Dec 21, 2004 10:16 am
by timvw
irprog wrote:
timvw-that would solve the problem of direct access to the folder.
yes.
irprog wrote:
I could turn indexing off for that folder but then I'd have to add code to copy from it into a temp folder and I'd still have the same problem as above.
It doesn't matter if indexing is on/off... because it's a not-public directory; nobody can surf to it... And no you don't have to copy it to a temp folder.
basically image.php or download.php would work like (a little snippet from the system we use)
Code: Select all
// get requested stuff
// validate if user is allowed to download the stuff
// lookup mime type etc...
// output correct headers
// output with readfile
if (!$allowed)
{
// redirect to error page
header('Location: ' . $settings['site']['url'] . 'error.php');
}
else
{
header('Content-length: ' . filesize($path));
header('Content-type: video/' . $extension);
header('Content-Disposition: attachment; filename=' . $file);
readfile($path);
}
Posted: Tue Dec 21, 2004 10:32 am
by irprog
Will this still insert an image in the popup window which can be right-clicked for dowloading
Posted: Tue Dec 21, 2004 10:40 am
by rehfeld
irprog wrote:Will this still insert an image in the popup window which can be right-clicked for dowloading
any image that the user can visually see can be "right clicked" in one way or another.
this thread is related to what your doing. its not perfectly suited to what your doing, but the concept is exactly the same, and its the same concept as suggested in this thread too.
viewtopic.php?t=28026
Posted: Tue Dec 21, 2004 12:09 pm
by timvw
just make your image.php a little smarter:
if the user is not allowed to download it / request a preview -> output the image with watermark
else send the image withouth watermark.
Posted: Tue Jan 04, 2005 5:49 am
by id-communications
Thanks for that. Works well now