Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming Please help me understand this concept !!!
Please help me understand this concept !!!
  • El Forum
    Guest
  •  
#1
10-15-2010, 12:05 PM

[eluser]zrowcrypt[/eluser]
How do sites like FB / Flickr or for that matter any secured websites that store user pictures implement security for the images. In simpler words how can we :

1. Prevent a user X with profile pic x.jpg to view x.jpg by directly typing the picture path in the browser url? The suggestions I got is to use .htaccess to prevent access to images folder and create a helper that will serve the pictures

2. I got the logic in 1 but still not able to visualize how will it be implemented. Will the url of the img in view source different from the actual url of the image file stored on the disk?

3. With a great amount of help from people here I have reached till this point :

Helper:

function show($uri)
{

// get the superobject
$CI =& get_instance();

// call the session library
$user_id = $CI->session->userdata('user_id');

if($user_id)
{

$img_url = './users' . '/' . $user_id . '/' . 'images' . '/' . $uri;

if(file_exists($img_url))
{

$img = fopen($img_url, 'r');

if ($img)
{
header("Content-Type: image/jpg");
header("Content-Length: " . filesize($img));

fpassthru($img);
}
}
}



}

View:
<img /> {pseudo code}


The problem is I want the image to be displayed(img src) on users home page but this function prompts to download .


Now I am a little lost and and a lot more confused. Can someone help me sort things out?
I have already spend one whole day figuring it out and still no luck.

To sum it all in one line, Can the url of the image displayed be different from the url(path) of the image on disk? if so, how are the two connected?
  • El Forum
    Guest
  •  
#2
10-15-2010, 03:49 PM

[eluser]tonanbarbarian[/eluser]
actually what most sites seem to do is store their images somewhere outside of the web root.
apart from that what you have should work but you do not really need to use a helper
what you need for example is a controller called images with a method called show using the code you have above

then the image tag would be
Code:
<img src="/images/show/x.jpg" />

If you are being prompted to download then there is an issue with the mime type in the header
Check to make sure you are not displaying anything before the header commands are called
And then you may need to determine the correct header mime type to used based on the file extension
  • El Forum
    Guest
  •  
#3
10-15-2010, 04:49 PM

[eluser]pbreit[/eluser]
Would this work?
http://www.thesitewizard.com/archive/pro...ages.shtml
  • El Forum
    Guest
  •  
#4
10-15-2010, 05:55 PM

[eluser]n0xie[/eluser]
Try this:
Code:
function show($uri)
    {
        $user_id = $this->session->userdata('user_id');  
          
        if ($user_id)
        {
            $img_url = "/users/$user_id/images/$uri";
            
            if (file_exists($img_url))
            {
                readfile($img_url);
            }
        }
    }
  • El Forum
    Guest
  •  
#5
10-15-2010, 11:04 PM

[eluser]zrowcrypt[/eluser]
Well, i modified the show() helper but now the view gets loaded with the binary characters of the returned image.

How to we call show() from view so that I can see the image and not the binary?

<img /> is what i am using right now
  • El Forum
    Guest
  •  
#6
10-16-2010, 12:52 AM

[eluser]Crimp[/eluser]
Try this:

Code:
header('Content-Type: image/jpg');
echo $image;




Theme © iAndrew 2016 - Forum software by © MyBB