Hey,
today I was wondering on how to solve a specific task: I have a Cake app where users can upload images. As most of us know the image folder in the webroot is public and anyone could view these images, as long as they know the filename (listing of index is prohibited). Another way is to put uploaded files on an image server via ftp and save the filename to the database. The problem I have now is, let's say users terminate their account on my app and still know a few filenames, they could just type in the address with the filename and would still see the image! I guess the problem is the same when I have an image server... So when a file is called abc.jpg, and it was available at http://myapp/img/abc.jpg, also not logged in users could still view this image. I'm looking for an idea or a way to protect this image so only logged in users can view it. It may be ok when other logged in users could view it when they know the address. But it would be very intersting if anyone would have a clue if it would be possible to protect them from a direct access via typing it into a browser as a url... Any ideas or hints for this? Regards, DD -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php
