• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Images in CodeIgniter, how to?

#1
[eluser]Sinclair[/eluser]
Hi,

I'am new to images in codeigniter.

In my test website in codeigniter I'am storing the images in files with the paths to the images in the database.

First, I don't want that users reach the folder with images, I only want to show the images in the webpages. The question, where do I put the folder to images and how to protect the folder? Should I create a folder "images" in the "application" folder?

Best Regards,

#2
[eluser]SomeFunkyDude[/eluser]
you could put a blank index.htm file in the folder with the images so people can't visit it and see a directory listing. Also, you can choose an option, see the "dynamic_output" option in the codeigniter image class. you can use dynamic_output to load an image and display it but in the html source output visitors will only see the path to that script that made the image i think

#3
[eluser]Sinclair[/eluser]
Hi,

Thanks for your reply.

I need to put the images outside PUBLIC_HTML, this is possible?

#4
[eluser]JoostV[/eluser]
Yeah. But I doubt if it will you any good. You need to get the file contents from the image and echo them in your view, where they will be visible for everyone to see an grab. So, as long as you show them in an public accessible environment, placing images outside the webroot does not seem to make much sense.

Having said that:
Place images anywhere outside the root folder, e.g. ../images. Then, from your view, call a page that gets the contents of that file and echoes it (make sure you set the right content headers or the browser will not display it as an image!)
Code:
// Get data from file
$data = file_get_contents($filepath);

// Set mime type (image/png, image/gif, image/jpeg)
echo header('Content-Type: image/' . $mime_type);

// Echo file
echo $data;

This means every bit in every image is processed by your server's CPU, it could become quite a memory hog!

#5
[eluser]Sinclair[/eluser]
Hi,

Thanks for your reply.

The need of put the images outside the public_html is because of the following situation... I will upload the photos without watermark, and the image_lib will stamp the watermark. If I put the images in the public_html any user could grab the images without watermark.

It is possible and simple to user image_lib and images outside public_html?


Best Regards.

#6
[eluser]jedd[/eluser]
[quote author="Sinclair" date="1260030037"]
In my test website in codeigniter I'am storing the images in files with the paths to the images in the database.
[/quote]

Store the images in or out of the web directory structure - doesn't matter. Use the blank index.html trick as previously suggested if the directory is navigable using HTTP.

Save the filename (if you think it's important) in your database, but save the file using a UUID, and then refer to that in your URL's, secure in the knowledge no one can reasonably guess any of your other file names.

#7
[eluser]Sinclair[/eluser]
Hi,

The problem with the UUID is that the website does not have backoffice, I insert new data to the website directly to the database using INSERT INTO...

The UUID it is a very good idea but doing by hand it is a pain...

What solution should I choose?

#8
[eluser]jedd[/eluser]
[quote author="Sinclair" date="1260083719"]
The problem with the UUID is that the website does not have backoffice
[/quote]

What is backoffice?

Quote:I insert new data to the website directly to the database using INSERT INTO...

What database type?

Keep feeding only the information asked for - that way we can stretch this out and bump up my post-count. If you were to provide more information up front the whole process would be over before you knew it.

#9
[eluser]Sinclair[/eluser]
Hi, Thanks for the reply.

I unserstand backoffice as the HTML Forms to insert information to the database.

The database is in Postgres, and I insert data using 3 stored procedures that will populate 8 database tables, I don't have HTML forms as backoffice... The upload of images is done by FTP directly to the folder images/add.

Best Regards.

#10
[eluser]jedd[/eluser]
That makes it more interesting.

Postgres, unlike MySQL, does not have core functionality for generating UUID's, however according to [url="http://developer.postgresql.org/pgdocs/postgres/datatype-uuid.html"]this page[/url] the contrib/uuid-ossp module will provide this. Presumably this could be banged into one of your SP's.

Using FTP to insert files directly into the file system is probably rated 'flippin' dangerous' on your scale of 1-10 of security concerns.


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2021 MyBB Group.