Server Administration
 
Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
User Name:
Password:
Remember me
Go Back   Codewalkers ForumsOther TechnologiesServer Administration
Reload this Page

Limiting Access

Discuss Limiting Access in the Server Administration forum on Codewalkers.
Limiting Access Topics in this forum should be about server administration on both *nix and Windows platforms. Discussion can include mail servers, web servers, DNS, shell scripting, etc.

Reply
Add This Thread To:
  Del.icio.us   Digg   Google   Spurl   Blink   Furl   Simpy   Y! MyWeb 
« Previous Thread | Next Thread »  
Thread Tools Search this Thread Rate Thread Display Modes
 
Unread Codewalkers Forums Sponsor:
You eat, breathe and sleep innovation. Build your mobile intelligence with BlackBerry® experts this July. Register Today!
  #1  
Old December 12th, 2004, 08:13 AM
r_palkovic r_palkovic is offline
Codewalkers Newbie (0 - 499 posts)
  
Join Date: Apr 2007
Location: San Diego, CA USA
Posts: 129 r_palkovic User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 2
Send a message via ICQ to r_palkovic Send a message via AIM to r_palkovic Send a message via Yahoo to r_palkovic
Limiting Access
I'm running:
Windows 2000
Apache2 (Windows Binaries)

I need to:
Restrict anyone from directly viewing any images stored unless they are linked in a webpage. http://www.somelink.com/image.jpg will not show, but if that same link is in an <img> tag, it should show.

I have tried:
Restricting access w/ .htaccess files w/ apache. Yes, my server supports them. I was able to lock them down, but I did just a good job that you have to have a password to view them at all, and they won't display in <img> tags. No good, obciously.

Any help on the matter would be greatly appreciated!
Reply With Quote
  #2  
Old December 13th, 2004, 12:48 AM
rehfeld_dot_us rehfeld_dot_us is offline
Codewalkers Novice (500 - 999 posts)
  
Join Date: Apr 2007
Posts: 825 rehfeld_dot_us User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 2
RE: Limiting Access
you cant.

you can however, restrict viewing to people who are logged in, or to those people who you have started for example a php session for.

for example, your img tags would look like this

<img src="image_server.php?image=foo.jpg">


then

php Code:
Original - php Code 
  1.  
  2.  
  4.  
  5. if (empty($_SESSION['can_view_images'])) {
  6.     exit;
  7. }
  8.  
  9. if (empty($_GET['image'])) {
  10.     exit;
  11. }
  12.  
  13. $image = $_GET['image'];
  14.  
  15. $ext = end(explode('.', $image));// get file ext
  16.  
  17. header('Content-type: image/'.$ext); // send mime header
  18.  
  19. readfile('images/'.$image); // output image
  20.  


and you would want to do some security checks as well,
in case someone manually entered somthing like this into the url

?image=../../usr/etc/pwd
Reply With Quote
  #3  
Old December 14th, 2004, 04:05 PM
sleighboy sleighboy is offline
Codewalkers Newbie (0 - 499 posts)
  
Join Date: Apr 2007
Posts: 49 sleighboy User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 2
RE: Limiting Access
Red this article. It has the code you want.

http://html.codenewbie.com/articles/html/1453/htaccess__Image_Hotlinking_Prevention-Page_1.html
Reply With Quote
Reply

Viewing: Codewalkers ForumsOther TechnologiesServer Administration > Limiting Access

« Previous Thread | Next Thread »

Thread Tools  Search this Thread 
Search this Thread:

Advanced Search
Display Modes  Rate This Thread 
Linear Mode Linear Mode
Rate This Thread:


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
View Your Warnings | New Posts | Latest News | Latest Threads | Shoutbox
Forum Jump


Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
  
 





© 2003-2008 by Developer Shed. All rights reserved. DS Cluster 4 hosted by Hostway