How to restrict access to images |
[eluser]Unknown[/eluser]
Hi! I'm building a web application with Codeigniter, I have some images on my server and I want that only logged users can see them. The login is made with the session class. I don't want that external users can open the image http://www.mywebapp.com/images/privateimage.jpg in any way. Opening this image I have to control if there is a valid CI session (with some parameters) and then send the image. I've tried to made a controller called "images" (like the folder) and I've tried to add a rule in the htaccess file in order to call a function of this controller that checks the session and than sends the image to the client (I have not done yet this function), but Code: RewriteRule ^images/(.*)$ index.php?/images/$1 [L] I don't know very well the rules of htaccess files and I don't know if there are simplier ways to do this, but if it's possible I want to preserve the correspondence between the link for the image and its position on the web server. Thank you
[eluser]rossj81[/eluser]
CHMOD is the easiest way of restricting access, but won't help if OP wants to base access on $_SESSION. I would create http://www.mywebapp.com/images/imagecont...eimage.jpg completely separate from your CI instance. Then, place the actual image files in either (a) a subfolder CHMODed so that only local users have access, or (b) a folder outside of your www directory so that Apache will never serve it. Then, get your PHP script to validate $_SESSION, read the image file, then serve it as an image: Code: header( "Content-type:image/jpeg" ); Edit: note this might have a performance impact, as you're running every image through PHP |
Welcome Guest, Not a member yet? Register Sign In |