How to disp pics outside www-root folder?
Moderator: General Moderators
How to disp pics outside www-root folder?
My www-root folder is \www\htdocs, but I have a folder \www\photos with a bunch of pictures. I would like to be able to display these pictures from webpages inside \www\htdocs. I placed the pictures there for security reasons, since I dont want to let people get to the pics directly. Any idea how I could do this?
Thanks.
Thanks.
Why, what kinda security measure is that, excuse my ignorance, but if you don't want somebody to access the folder thru the Address bar, then just put an index.html file in that picture folder saying that you cannot access that folder, or even better write it in the .htaccess file. That is if you STILL want to show those pictures to the worldd. Otherwise if it's a local problem, then i would still tell you to edit your .htaccess file to make sure that internally people cannot see that folder. I can help you with .htaccess.
I'll try to explain it a little better. Lets suppose I have a pic xyz.jpg. If I store it inside the web root, (ex: in /htdocs/images/xyz.jpg) then people can do this: http://mysite.com/images/xyz.jpg and they can view he page. Placing an index.htm file that redirects to main page only stops people from listing the directory content. I'm new to this, and I thought the only way to prevent people from doing .../images/xyz.jpg in their address bar is to put the folder of pictures outside the web root.mikusan wrote:Why, what kinda security measure is that, excuse my ignorance, but if you don't want somebody to access the folder thru the Address bar, then just put an index.html file in that picture folder saying that you cannot access that folder, or even better write it in the .htaccess file. That is if you STILL want to show those pictures to the worldd. Otherwise if it's a local problem, then i would still tell you to edit your .htaccess file to make sure that internally people cannot see that folder. I can help you with .htaccess.
I know there's some way to modify .htaccess so that RedirectMatch is set to divert all requests for files in that folder to another page. But since I dont know how to do that, I tried my (albeit nonworking) method. Since you said you knew how to deal with .htaccess, could you please help me out? I'll place the folder under web root (htdocs/photos/pics.jpg). Could you help me with what to put in the htaccess file for that folder so that http requests for contents get redirected?
Thanks a lot. =)
Not sure what these guys are talking about, just use php to send the correct header and then stream the file to the browser
Code: Select all
<?php
header('content-type: image/jpeg');
readfile(<filename>);
?>That's what I like about forums... there is always someone with a much easier/better solution....... nice onehedge wrote:Not sure what these guys are talking about, just use php to send the correct header and then stream the file to the browser
Code: Select all
<?php header('content-type: image/jpeg'); readfile(<filename>); ?>
I really like how small this solution is. One last question though. How would I display this picture if I need to use it within some table... i.ehedge wrote:Not sure what these guys are talking about, just use php to send the correct header and then stream the file to the browser
Code: Select all
<?php header('content-type: image/jpeg'); readfile(<filename>); ?>
... <td> <img src="somepic.jpg"> </td> ...
I have never tried that and that could suffice, now that i understand the problem a little bit better, if what stuart said works, and you think that is enough then you should go ahead, quite an interesting sulution. As for the .htaccess file it can give you ALOT of nefty things you can play with, some may work in conjunction with what stuart said, i have never tried this but a request in the browser for http://yoursite/picture.jpg and an entry in .htaccess :
<Directory /www/pictures>
Redirect /www/picture.jpg http://yoursite/htdocs/error.html
</Directory>
BUT, what you are asking is something that i have done before to avoid ppl linking to files and pictures on my website, perhaps this is what you have been looking for:
[Add the following code to your .htaccess file]
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain.com/.*$ [NC]
RewriteRule \.(gif|jpg)$ - [F]
This will display an error if someone links to your picture...
The first is something i have never tried and i am curious to see if it works in conjunction with what stuart said. The second is the perfect solution, IF that is what you are looking for
<Directory /www/pictures>
Redirect /www/picture.jpg http://yoursite/htdocs/error.html
</Directory>
BUT, what you are asking is something that i have done before to avoid ppl linking to files and pictures on my website, perhaps this is what you have been looking for:
[Add the following code to your .htaccess file]
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain.com/.*$ [NC]
RewriteRule \.(gif|jpg)$ - [F]
This will display an error if someone links to your picture...
The first is something i have never tried and i am curious to see if it works in conjunction with what stuart said. The second is the perfect solution, IF that is what you are looking for
What stuart said works. But not the way I want it to. I tried his code, and sure enough the browser shows the picture. But I dont know how to change his solution so that it can be included in a regular html file with other content as well. For example:
As for what mikusan said, your solution is almost what I want. Your .htaccess code redirects if another website links to my pictures. But what if the person is already viewing my website, and then he tries to view the picture directly? The HTTP_REFERER will then be my website, and he can view the pic. I want it so that the *only* way that the pic can be viewed is to view the page that includes it. So one solution would be to make mod_alias or whatever method the .htaccess file uses to redirect *all* http requestes for anything inside the /photos folder to the error page. Can you give me the .htaccess code for that please?
Thanks to all you guys for your help.
Code: Select all
<html>
<body>
<table> <tr>
<td> Some text </td>
<td> <img src="picture.jpg"> </td></tr></table>
</html>Thanks to all you guys for your help.
WE can work it that way and let .htacces do the dirty work, but your question seems much simpler then, in your html file include the code in php tags.
Code: Select all
<html>
<body>
<table> <tr>
<td> Some text </td>
<td>
<?php
header('content-type: image/jpeg');
readfile(<filename>);
?>
</td></tr></table>
</html>Have you tried:
in .htaccess :
<Directory /www/pictures>
Redirect /www/pictures http://yoursite/htdocs/error.html
</Directory>
in .htaccess :
<Directory /www/pictures>
Redirect /www/pictures http://yoursite/htdocs/error.html
</Directory>
I dont believe that works, since you've already sent text before the header() method. Plus readfile() just dumps the actual file contents, so your code will look like (if the header() command is taken out):mikusan wrote:WE can work it that way and let .htacces do the dirty work, but your question seems much simpler then, in your html file include the code in php tags.Code: Select all
<html> <body> <table> <tr> <td> Some text </td> <td> <?php header('content-type: image/jpeg'); readfile(<filename>); ?> </td></tr></table> </html>
... <td> #$U%I#%U#IO$%U@#%BINARY_FROM_JPEG_FILE@#$J%J@#% </td> ....
I'm gonna try the .htaccess code now ... hope that works.
I think I found my solution. RedirectMatch does what I need (used in .htaccess file). All I need is to make it redirect any url that contains the string "/photos/" in it (since thats the directory I want locked) to an error file. But I dont know the reg expression to use. Can anyone help with that?
RedirectMatch works like this:
RedirectMatch reg-exp-old-page new-page-to-send-to
** I got this from another post. Hope this helps.
RedirectMatch (.*)\.html$ $1.php
This redirects all pages that end in .html to their couterpart ending in .php
as in xyz.html -> xyz.php
/abc/d.html -> /abc/d.php
and so on...
RedirectMatch works like this:
RedirectMatch reg-exp-old-page new-page-to-send-to
** I got this from another post. Hope this helps.
RedirectMatch (.*)\.html$ $1.php
This redirects all pages that end in .html to their couterpart ending in .php
as in xyz.html -> xyz.php
/abc/d.html -> /abc/d.php
and so on...
You can call an image binary from anywhere in your script (even if headers have already been sent). You just do this:Galt wrote:I dont believe that works, since you've already sent text before the header() method. Plus readfile() just dumps the actual file contents, so your code will look like (if the header() command is taken out):
... <td> #$U%I#%U#IO$%U@#%BINARY_FROM_JPEG_FILE@#$J%J@#% </td> ....
I'm gonna try the .htaccess code now ... hope that works.
getimage.php
Code: Select all
$file = $image."jpg";
header('content-type: image/jpeg');
echo readfile($file);Code: Select all
<html>
<body>
<table> <tr>
<td> Some text </td>
<td>
<img src="getimage.php?image=yourfile">
</td></tr></table>
</html>